Verizon’s experienced penetration testers work with F500 customers to take the traditional vulnerability assessment and build upon it, acting as “ethical hackers” to evaluate the security of enterprise networks, applications, mobile devices, and data. Our penetration testers go beyond simply enumerating vulnerabilities, we assess them to understand the potential impact they pose our client’s business. This real-world discovery approach allows us to work with our client to systematically back-track and lock down information, whether by removing a weakness, or adding protective controls.
As a penetration tester, you will actively exploit vulnerabilities and then then use what we find to help develop solutions that can secure the enterprise. Our assessment process includes three components:
- Discovery: Working with the customer to take stock of system elements, including networks, applications, and mobile assets. Gather key information including registration data, operating system, patch, and service version information, and system and application configurations.
- Vulnerability Identification: Based on what we learn during the discovery phase, you will then take steps to challenge them. Using a variety of applicable tools, including in-house and commercially available programs, you will create a real-world scenario where you attempt to compromise system, application, and mobile security, gain unauthorized access to resources, or disrupt and exploit system services.
- Exploitation: As a security expert, you will exploit vulnerabilities detected during the identification stage, to determine the level of impact to the enterprise, had someone with malicious intent attempted the same action.
Specific Responsibilities of Position:
- Provide consulting services in the discipline of vulnerability management.
- Responsible for delivery and post-delivery support.
- Provide delivery of specific vulnerability management and penetration testing services including:
- Network, System, Application, Mobile, traditional web, and wireless
- Security Source Code Review
- Secure Application Development Training
- Participate in the development of new vulnerability management practice services
- Provide presentations to clients
- 5+ years of experience delivering penetration testing consulting engagements
- Red Team or Ethical Hacking experience
- Must have the ability to travel ~50%
- Experience delivering vulnerability management assessments and consulting
- Must have outstanding written and verbal communication and formal presentation skills
- Ability to work with clients effectively
- Ability to identify further opportunities
- Ability to continually refine the vulnerability offerings and deliverables
- Experience with mobile application penetration testing highly desired
- Certifications such as CEH, OSCP, CISSP
Equal Employment Opportunity
We’re proud to be an equal opportunity employer – and celebrate our employees’ differences, regardless of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.