Penetration Testing Principal Engineer - Remote
Poland
Applications have closed
SonicWall
Defend SMBs, enterprises and governments from advanced cyber attacks with SonicWall's award-winning firewalls and cyber security solutions.This is a very visible position responsible for all aspects of the SonicWALL Security products. We are looking for a Security Analyst to perform on-going vulnerability assessment and penetration testing of the SonicWALL security products and internal backend network. Serving as a member of the Security Assessment Test Team (SATT) responsible for improving the overall security posture of the enterprise network. The Security Analyst will run periodic scans, identify vulnerabilities, develop test plans for exploiting vulnerabilities in a controlled environment, perform penetration testing, document results, investigate and propose mitigations for identified vulnerabilities, and work with team members as to mitigate the identified vulnerabilities.
The Security Analyst will also serve as an escalation point for addressing any threats identified by the enterprise security tools and processes.
Desired Skills & Experience
Responsibilities:
Perform research, analysis, and testing of network, application, physical and procedural vulnerabilities via vulnerability assessment, penetration test and/or social engineering.
Perform vulnerability scanning of SonicWall products, workstations, servers, and appliances in the backend network.
Perform internal vulnerability assessments and penetration tests prior to external audits
Clearly outline and portray test findings via well documented reports
Review IDS and or firewall signature / rule sets and make recommendations for improvement
Acquire a comprehensive technical understanding of all products in the SonicWALL product line and the underlying hardware/software technologies within the solution stack to enable technical leadership through the analysis stage to resolution of issues
Work with other team members to respond to any alerts and/or threats identified by the security tools and processes.
Identify, research, and assist in the implementation of any security tools and/or processes to improve the overall security posture
Maintain up-to-date detailed knowledge of the IT security threats and plan, prioritize, and implement, mitigation controls as necessary
Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
Participate in investigations into problematic activity.
Experience or familiarity with securing Microsoft SQL databases and IIS web services
Working technical knowledge of vulnerability scanning and remediation, traffic monitoring, and log analysis
Provide on-call support if necessary for all in-place security solutions
Perform other duties as assigned
Required Qualifications:
10 or more years of overall experience in the information security field
College diploma or university degree in the field of computers or engineering and/or 6 years equivalent work experience
Pen Tester, Penetration Tester, Spirent, BreakingPoint, KeySight, vulnerabilities, GPEN, Nmap, Nessus, Metasploit, Securityforest Exploitation framework, CORE IMPACT, testing, security
5+ years’ experience of Professional Web-Application Development or Source Code Review (C/C++, C#, VB.NET, ASP, PHP, and Java)
Knowledge of web architecture and protocols (HTTP(S), TCP/IP, ARP, SMTP, DNS, etc.)
Must understand how data flows through an application and connected components (SMTP, LDAP, Database servers) and common software security issues and remediation techniques
Proven analytical skills and technical competence, ideally in a manager or team lead
Microsoft Certified Systems Administrator: Security
Certified Ethical Hacker (CEH) Knowledge & Experience
Strong people manager and motivator, with strong team coaching and people development skills
Ability to present ideas in business-friendly and user-friendly language.
Highly self-motivated and directed.
Keen attention to detail.
Team-oriented and skilled in working within a collaborative environment.
Demonstrable presentation skills
Strong communicator
Self-starter, motivated and positive
Strong hands on leader
#LI-AK2 Abha
Tags: Audits C C++ CEH Core Impact DNS Firewalls GPEN IDS Java LDAP Log analysis Metasploit Monitoring Nessus Nmap Pentesting PHP Security assessment SMTP SQL TCP/IP Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs