Remote Penetration Tester openings in Los Angeles on September 22, 2022

Mobile Device Tester at NexWave

Location: Los Angeles

• Title: Mobile Device Tester
• Location : Mountain View CA ( Onsite from Day one)
• Strong Mobile / Android / QA Testing skills
• ADB / Unix commands
• Log analysis, trash and ANR
Apply Here
For Remote Mobile Device Tester roles, visit Remote Mobile Device Tester Roles

********

Principal, Penetration Tester at Ingram Micro, Inc.

Location: Irvine

Description
Ingram Micro is an integral part of the technology ecosystems, helping our partners grow and thrive through the creation and delivery of Information Technology, Cloud solutions and Lifecycle services. With more than $54 billion in revenue and the ability to reach 90% of the global population, we are one of the world’s largest technology distributors, serving our partners through operations in 61 countries with 29,000 associates.
• This position has the opportunity for hybrid work with up to three days remote per week.

Position Summary

We are looking for an experienced and highly skilled Senior Penetration Tester to add to our offensive security team that will be responsible for penetration testing and vulnerability scanning our company’s websites and assets, including IOT devices in our warehouses and logistics centers. The engineer in this role is expected to provide technical expertise to junior engineers, coordinate with senior leadership on projects, and assist the monitoring and response function.

The Senior Penetration Tester role represents the challenge of developing and improving penetration testing processes and procedures, reviewing vulnerability reports, and mentoring junior engineers and analysts. This role will be able to identify cybersecurity risks and work with various internal teams to resolve those risks. The ideal candidate should understand the importance of written reports and possess the ability to communicate results to both technical and business audiences.

Most importantly, the role must understand how to quantify risk and prioritize remediation tasks across the company.

This position is based in Irvine, California or Dallas, Texas with the possibility of being hybrid (partial in office and partial work from home) during normal business hours (8am to 5pm) to meet the needs of the client (other IT staff you support). You may be required to work outside normal business hours at times to satisfy different time zones and offshore teams as well as during emergency security incidents.

Key Responsibilities
• Asist to create, leverage automation, continuously develop, maintain and mature Offensive Security Program.
• Be a resourceful part of the talented team responsible for application and infrastructure penetration testing, supporting external vulnerability reports and overall vulnerability management.
• Perform penetration testing coverage across the global organization.
• Perform independent manual penetration tests of cloud and global IT infrastructure, web application, APIs, and IOT devices in our warehouse and logistics centers.
• Work with external vendors when third party penetration reports are required.
• Work closely with on- and off-shore testing teams and external vendors (when third party input is required) to test and deliver quality penetration reports.
• Provide appropriate knowledge transfer to off-shore testers to assist in testing efforts
• Review all applicable threats, discover vulnerabilities and collaborate with remediation treatment owners to remediate identified vulnerabilities.
• Develop comprehensive, accurate reports and presentations for both technical and executive audiences.
• Coach and mentor junior engineers in penetration testing techniques.
• Ensure knowledge creation around common vulnerabilities within the landscape and corresponding remediation practices.
• Research the latest security best practices and technologies, staying abreast of new threats and vulnerabilities and helping disseminate this information within the groups any.
• Utilize penetration testing tools, custom scripts, exploits, related automation, and innovation.
• Establish priorities over near-to-medium term.
• Build processes that speed up the discovery and resolution of findings.
• Work closely with developers and architects on identifying security issues early in the development cycle.

Skills & Experience
• Preferred 5+ years of strong hands-on experience in application and network penetration testing, vulnerability risk management and providing remediation recommendations.
• Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.
• Experience with cloud service providers and their offerings.
• Strong understanding of vulnerabilities, common cker mindset: ability to think about creative threats and ors.
• Experience using vulnerability scanning software such as Nessus, teanable.io, tenable.sc, or similar.
• Strong technical understanding of CVSS, OWASP Top 10, SANS top 25, and Vulnerability Exploitability ratings
• Experience with multiple Operating systems (Linux, Unix, Windows)
• Development and/or architecture familiarity mobile applications, specifically iOS and Android
• Penetration testing experience with Dev Ops related technologies such as Docker, Kubernetes, and CI/CD tool environments.
• Penetration testing and reverse engineering experience with embedded systems and hardware (i.e. IoT devices)
• Strong…
Apply Here
For Remote Principal, Penetration Tester roles, visit Remote Principal, Penetration Tester Roles

********

Android Tester – Onsite at Radiansys

Location: Los Angeles

• We are looking for 449801 Android Tester-Onsite
• Please share your resumes at
• Title: 449801 Android Tester-Onsite
• Location: Los Angeles, CA
• # Candidate should have minimum 8-10 yrs experience
• # Minimum 6-8 yrs experience in testing Android applications and devices
• # Experience in executing Google certification tests, Google certification tools and test commands, logs and report generation
• Talent Acquisition Radiansys Inc.
Apply Here
For Remote Android Tester – Onsite roles, visit Remote Android Tester – Onsite Roles

********

Lead cyber security at Wells Fargo

Location: Irvine

About this role :

Wells Fargo is seeking a Lead Cyber Security Research Consultant to leverage both automated scanning tools and your own manual penetration testing expertise to continually improve the security posture of Wells Fargo applications.

You will be partnering with application teams to address any discovered vulnerabilities while focusing on improving your expertise in the field, staying up to date on newly discovered exploits and working within the organization further improve testing methodologies across the team.

This particular role will focus on leading Wells Fargo’s efforts in building our asset awareness and continuous automated scanning of our systems to enhance our real time threat assessment capabilities.

Our company offers a complex environment and the opportunity to work on a wide variety of technology solutions. Effective communication is critical in this role, as you will be acting as subject matter expert to the development and security communities within Wells Fargo.

The position will report into the FFIEC Security Assessment Manager within the Assessments and Commitments division. The emerging threats to Wells Fargo will require continuous development of your skills and quick assimilation of new information into your testing.

Are you ready to accept the challenge?

In this role, you will :
• Lead initiatives including the research, analysis, design, testing and implementation of the most complex computer network security and protection technologies for company information and network systems and applications
• Act as professional ethical penetration tester utilizing hacking tools to modify or create proof of concept exploits that mimic techniques of the most sophisticated attackers
• Review and analyze complex advanced computer security incident response activities and technical investigations of information security related incidents
• Identify vulnerabilities and associate those to a severity rating by deriving impact and ease of exploit
• Conduct security risk assessments to ensure compliance with corporate information security policies and adherence to best practices
• Communicate to the line of business on the inherent risks, providing meaningful mitigation strategies
• Provide leadership to principal engineers and supports special projects

Required Qualifications, US :
• 5+ years of Cyber Security Research experience, or equivalent demonstrated through one or a combination of the following : work experience, training, military experience, education
• 3+ years of web application penetration testing experience

Desired Qualifications :
• 2+ years developing python scripts
• Proficient in Linux system administration
• Knowledge of networking fundamentals
• 6+ months working with SQL

Job Expectations :

Ability to travel up to 5% of the time

We Value Diversity

At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.

Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company.

They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions.

There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.

Candidates applying to job openings posted in US : All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Candidates applying to job openings posted in Canada : Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities.

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.

Last updated : 2022-09-22
Apply Here
For Remote Lead cyber security roles, visit Remote Lead cyber security Roles

********

Senior Security Test Engineer at Viasat

Location: Los Angeles

Job Description

One team. Global challenges. Infinite opportunities. At Viasat, we’re on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We’re looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.

Job Responsibilities
• Security Tool and Test Development: lead the charge in developing automated security tests procedures and tools to analyze, test and secure SATCOM communications products and networks in a simulation of their operational environment (e.g., vacuum chamber), which can include space. Use vulnerability testing scenarios and the simulation of cybersecurity attacks including RF against Software Defined Radios, trends, and methodologies. Automate the replication of tactics, techniques and procedures used by modern attackers, common network exploitation and penetration techniques as well as common software exploitation techniques. Work with Cyber Threat Intelligence teams to incorporate the latest unclassified/classified Threat Intelligence. This includes working with government/academic/commercial researchers and institutions, operational technology research labs, commercial companies and public and private cybersecurity information sharing groups (e.g., ISACs) to define and implement the test cases that improve and test the cyber resilience of our products and networks. Develop security tools to automate security assessments, testing and assist with Red Team exercises and Penetration Testing.
• Security Testing: use security tools to simulate adversary threat-based approaches to expose and exploit vulnerabilities and weaknesses to improve the security of both ours and customer products and networks. Automate the execution of tests in a simulated space environment (e.g., vacuum chamber) and analysis or results. Provide constructive feedback to the defenders and product teams on their successes and failures including mitigation recommendations. Collaborate with a cross-functional team of the engineering, data science, product management, product marketing, and senior leadership to enhance the security of the company’s products and services.

Requirements
• Engineering, Physics, Mathematics, Computer Science Degree, or other technical degree
• At least 5 years testing experience, ideally for an embedded environment, product or communications system
• Proficiency in PowerShell, Python, C, C#, Go or other to build and extend toolsets
• Understanding of networking protocols with a preference for secure ones like SSH, HTTPS, TLS, IpSec, and others
• Software/Hardware/FPGA application and Information security testing concepts
• Ability to write scripts/tools to assist and automate security testing
• Passion for continuous learning, growth, research and tinkering
• Having the ability to work individually or within a team is a must
• Familiarity with Digital Signal Processing, Software Defined Radios and/or RF telecommunications with a preference for experience with SATCOM using GNURadio or MatLab
• Understanding of security vulnerabilities and common software engineering flaws
• A desire for continued learning, research, and expansion of skillsets essential to the role
• Experience with Linux/embedded Linux/RTOS
• Active TS clearance (or held one in the last 2 years)
• Willingness to obtain a DoD TS SCI clearance (or held one in the last 2)
• Occasional Travel up to 15%
• US citizenship

Preferences
• Test development or testing experience using hot/cold plates and/or vacuum chambers
• Understanding of FPGA or HW engineering flaws
• Demonstrable knowledge of common techniques for applications and service APIs
• Well-versed in testing HW, FPGAs, operating systems, user space/kernel device drivers, U-boot, and/or embedded software
• Please note: relocation assistance is available for non-local candidates (Carlsbad, CA).

To learn more about this site and other office locations, please click here!

#LI-Hybrid

Additional Requirements and Information

Minimum Education

BA/BS or equivalent experience

Years of Experience

5-8 years

Travel

Up to 10%

Citizenship

US Citizenship required

Clearance

Must be able to obtain a United States Top Secret/ SCI Clearance

Worker Classification

Employee
Apply Here
For Remote Senior Security Test Engineer roles, visit Remote Senior Security Test Engineer Roles

********

Sr Risk Analyst at Insight Global

Location: Los Angeles

• The InfoSec Assurance Lead is primarily responsible for planning, designing, and executing security assurance and risk assessment to promote the university’s information security strategy and compliance with regulatory and legal requirements.
• The role is also accountable for identifying security deficiencies and recommending corrective actions of identified vulnerabilities.
• Responsibilities include the creation and publication of internal controls, ensuring the development and maintenance of adequate compliance resources and training opportunities, and fostering a risk and compliance-focused culture within the division.
• This position works with IT internal support teams as well as external clients within the university to provide the highest standards of support relative to information security governance and risk management practices.
• Other responsibilities include providing guidance on security solutions, preparing benchmarking reports and presentations, monitoring security metrics to evaluate efficacy of security programs, and supporting security incident response activities.
• Minimum RequirementsBachelor’s degree or combined experience/education as substitute for minimum education 5 or more years of demonstrated IT experience, with at least 2 years in information security.
• Working knowledge of Windows-based platforms, application and TCP/IP network security technologies, information security concepts, principles and components of a comprehensive information security program.
• Experience in Application Security concepts, Control frameworks and control objectives.
• Aptitude for and interest in information and application security.
• Exceptional organizational skills to balance work and lead projects.
• Strong, professional written and verbal communication skills.
• Desired SkillsAdvanced knowledge of common web technologies, enterprise and network architecture Strong understanding of: modern security tools and controls, secure development life cycle methodologies, programming languages or other scripting languages, web-based application architectures (IIS, Apache, etc.)
• , financial industry regulations such as GLBA, PCI, and SOX application protocols such as MS-SQL, LDAP, and SSO, data protection controls, applied use of cryptography Advanced knowledge of or demonstrated experience with defense in depth, trust levels, privileges and Permissions.
• Advanced knowledge of or demonstrated experience in application penetration testing.
• Advanced knowledge of and experienced development of mainframe and Unix platforms.
• Large complex industry related experience.
Apply Here
For Remote Sr Risk Analyst roles, visit Remote Sr Risk Analyst Roles

********

Mid to Senior Level DevOps Engineer Remote at Motion Recruitment

Location: Los Angeles

• Opportunity based in Los Angeles for DevOps Engineer.
• The company is an SaaS platform that provides aerial drone footage and utilizes a combination of computer vision, customizable workflows to geospatial imagery, predictive analytics, and evolving AI to better support client’s unique needs.
• This is a full-time position, joining a team of seven.
• Their infrastructure is hosted on GCP and are looking for someone well-versed in Python and Kubernetes.
• The role is dynamic and engaging as you will be working on a diverse group of projects aimed to maximize platform stability.
• This position comes with a competitive salary and equity options upon hire.
• This opportunity allows for internal growth, quality work/life balance and the chance to help pioneer the company into new markets.
• Building and maintaining CI/CD processes
• Building and maintaining the internal development toolset
• Assist product development team with SDLC tasks
• Automate repetitive processes
• Identify and implement changes for improving baseline performance
• Remain up to date with new features being deployed/monitor for use
• Assist in gaining new vendors/evaluating existing vendors
• In depth knowledge of system scales and operating efficiency
• Conduct internal audits
• Problem solver for production issues
• Manage annual SOC2 process, client audits, and the vulnerability and penetration testing
• Required Skills & Experience
• 3+ years experience
• Expertise with Unix shell scripting
• Building, maintaining, and troubleshooting CI/CD pipelines
• Willingness to engage in various security tasks (SOC2, client audits, vulnerability/penetration testing, various internal audits)
• Proficient SQL skills
• Working with highly distributed, cloud-based systems
• Qualities of a Successful Candidate
• Comfortable with being part of an on-call team
• Security systems, applications, and data belonging to an organization are responsibilities shared by all
• Highly organized and extensive attention to detail
• Self-starter, independent learner, able to take on tasks with limited to no instruction
• Exceptional interpersonal and communication skills
• Competitive salary & equity options
• Health benefits – medical, dental, vision
• 401(k) Retirement Plan – Generous matching initiative
• 10 paid holidays
• 160 hours per year of PTO
• Basic life and AD&D insurance
• Cell phone and professional development reimbursement
Apply Here
For Remote Mid to Senior Level DevOps Engineer Remote roles, visit Remote Mid to Senior Level DevOps Engineer Remote Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo