Senior Penetration Tester

Americas

Applications have closed

Ivanti

Ivanti finds, heals and protects every device, everywhere – automatically – so employees can work better from anywhere.

View company page

Senior Penetration Tester

 

Who We Are
Looking for more than just a job? We like developing our people just as much as we like developing great products and services.

Ivanti is a global leader in IT (Information Technology) systems and security management, service management, asset management, and mobility management and security solutions - helping organizations reduce risks and costs associated with managing their IT environment.

Ivanti is experiencing significant growth worldwide. The company has received numerous awards for being a Top Place to Work, as well as many accolades for the products it develops. Our customer focus strategy is driven by the company’s core values, including innovation, accountability, teamwork, and trust. It is an exciting time to join Ivanti.

If you are passionate about what you do, are a champion of customer satisfaction and success, and interested in developing solutions that make a difference and in having fun while doing it, Ivanti is the place for you!

What We Do

  • Empower users to connect from any place seamlessly and securely in the world that offers air, water and… Internet!
  • Equip organizations with the right tools to configure access, manage and enforce compliance with a holistic view on network, users, and usage.
  • Empower organizations to continue to breathe easy, now with an added sense of invincibility.
  • Work hard so that you can focus on the things you want to!

What We Are Looking For

A Senior Penetration Tester with a background in Application Testing and Exploitation.

You can talk about Cross-Site Scripting (XSS), exploit a SQL injection, discuss SSL certificates, and write a Report. You are Self-Starter, able to lead, communicate and manage assigned projects throughout the Testing Lifecycle. This is a Remote Position.

What You Will Be Doing

  • Perform Application and/or Solution Security Testing on Ivanti’s Internal Product and Infrastructure.
  • Create Proof of Concept documentation for vulnerability reports.
  • Support Engineering teams by providing guidance and best practices for application security development and architecture.
  • Perform Static Code reviews to identify potential security vulnerabilities within Ivanti’s Product and Infrastructure.
  • Assist with Validation and Verification of Third-Party Product Incidents from Responsible Disclosures and Customer Vulnerability Reports.
  • Create effective Penetration Report for each Product Tested based on Vulnerability Risk Findings then, collaborate with Engineering for Remediation and Retesting.
  • Participate in Product Security Incident Response Team (PSIRT) investigations, as required.

Who You Are

  • A person who is passionate about IT Security and genuine about creating a secure product with modern, agile facing practices.
  • Innate curiosity and ability to learn. Individuals should be confident in picking up innovative technologies and pivoting when the role requires.
  • Critical thinking and troubleshooting are paramount. Practical creative solutions to difficult problems are key. Analytical, Proactive, Collaborative and Adaptable.

You are Ideal Candidate if you have

  • Multiple years’ experience as an Application Penetration Tester.
  • Demonstrated understanding of common vulnerability classes ranging from Cross-Site Scripting to memory corruption.
  • Understanding of how various endpoint and perimeter-based security products work.
  • Ability to read and understand various languages including Java, C/C++, .NET, JavaScript and PHP.
  • Knowledge of:
    • Frameworks such as OWASP (Open Web Application Security Project), MITRE ATT&CT, and SANS.
    • Linux, Windows, Android, iOS, macOS
    • Container technologies with Azure Kubernetes Services - preferred
    • Open-Source Software and Package Management
    • OSI Layers – including TCP/IP Networking (packet captures)
  • Testing Tools experience:
    • BurpSuite, Kali Linux, Metasploit, Wireshark
    • IDA Pro, Ghidra, OllyDbg, MS Attack Surface Analyzer, Sys Internals
  • Ability to educate others on common vulnerability classes, including SQL/Command Injection, XSS, CSRF (Cross Site Request Forgery), SSRF (Server-Side Request Forgery), and Binary exploitation.
  • Certifications preferred: OSCP, OSCE, PEN/WEB-300, GIAC (e.g. GPEN, GWAP or GXPN) or equivalent.

Organizational Culture

Ivanti provides a supportive environment for motivated individuals looking to grow their careers and realize high earnings potential. Join a challenging, technology focused environment, earn a competitive salary and benefits package, receive the training you need to stay ahead of the curve, and work in a casual, smart, and fast-paced organization.

The Penetration Testing Team are a group of highly talented and experienced specialists that continue to learn and make each other better. The International team are all supportive and play and key role in the success of the Ivanti Product Security.

External Recruiting Agencies/Vendors

Ivanti does not currently engage with external recruiting agencies and will not accept unsolicited resumes from any external agency. Unsolicited resumes submitted by agencies to Ivanti will become the property of Ivanti and may be contacted and engaged with directly. Ivanti maintains a preferred vendor list and only engages with these agencies from time to time. Ivanti has not agreed to pay placement or any other fee to companies who have not been specifically retained to conduct a candidate search.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Android Application security Azure Burp Suite C C++ Compliance CSRF Exploit Ghidra GIAC GPEN GXPN Incident response iOS Java JavaScript Kali Kubernetes Linux MacOS Metasploit OllyDbg OSCE OSCP OWASP Pentesting PHP Product security PSIRT SANS Scripting SQL SQL injection SSRF Strategy TCP/IP Vulnerabilities Windows XSS

Perks/benefits: Competitive pay Startup environment

Region: North America
Job stats:  16  1  0
Category: PenTesting Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.