PENETRATION TESTER

Code42 is an enterprise SaaS company that develops intuitive, optimized technology to securely protect and manage the world’s information.  Top-name brands and large organizations entrust their data to our industry-leading and award-winning CrashPlan endpoint security and backup products.  We are a well-funded private company backed by several of the venture capital industry’s most successful firms including Accel, JMI, NEA, and Split Rock Partners.

 

WHAT YOU’LL BE DOING:

Code42 is seeking a Security Analyst to help maintain our high standard of security in a rapidly growing cloud infrastructure. As a Security Analyst at Code42, you will coordinate, plan and conduct regular penetration tests, application assessments, and vulnerability assessments of Code42’s products, services and environment.

YOU’LL BE RESPONSIBLE FOR:

  • Perform penetration testing and application assessments of Code42 products, services and environment
  • Work with our internal Product Security team to prioritize remediation work and provide input into improving testing processes
  • Own and administer Code42’s internal Threat and Vulnerability Management (TVM) program for finding vulnerabilities in the Code42 environment
  • Perform all work with the highest industry and ethical standards
  • Coordinate work with other teams throughout Code42 to drive security issues to a quick, appropriate, and responsible resolution
  • Create and follow standard and consistent operating procedures for all assessment work
  • Write clear, concise and comprehensive reports regarding all findings and resolutions
  • All other duties as assigned

 

SKILLS AND REQUIREMENTS:

  • 5+ Years technical experience with 3+ years in dedicated security roles.
  • Comprehensive understanding of networking and vulnerability assessment tools such as: Burp Suite, Nessus, Metasploit, nmap and similar tools
  • Comprehensive understanding of web application vulnerabilities, and vulnerabilities common to Java applications
  • Comprehensive understanding of vulnerability management, including prioritization, mitigation, and remediation
  • Significant experience performing security assessments of Java applications
  • Significant understanding of emerging vulnerabilities and threats
  • Significant understanding of Agile SDLC
  • Experience performing penetration tests and application assessments for multi-tenant cloud platforms
  • Experience leveraging data produced by security tools
  • Experience with operating in a cloud environment, with emphasis on AWS

 

PREFERRED:

  • BS/BA degree or equivalent work experience
  • Programming experience with Python, Ruby, and/or shell scripting
  • Experience with maturing TVM programs
  • Basic understanding of social engineering tactics/techniques
  • Basic understanding of compliance frameworks such as PCI-DSS v3, ISO 27001 and NIST 800-53

 

 

STANDARD COMPETENCIES:

•          Cultivates Innovation

•          Collaborates

•          Values Differences

•          Instills Trust

•          Customer Focus

Source:http://app.jobvite.com/CompanyJobs/Careers.aspx?k=Job&c=q3VaVfwN&j=oRIx4fwU&s=Indeed