Penetration Testing Principal Engineer - Remote
Poland
Applications have closed
SonicWall
Defend SMBs, enterprises and governments from advanced cyber attacks with SonicWall's award-winning firewalls and cyber security solutions.This is a very visible position responsible for all aspects of the SonicWALL Security products. We are looking for a Security Analyst to perform on-going vulnerability assessment and penetration testing of the SonicWALL security products and internal backend network. Serving as a member of the Security Assessment Test Team (SATT) responsible for improving the overall security posture of the enterprise network. The Security Analyst will run periodic scans, identify vulnerabilities, develop test plans for exploiting vulnerabilities in a controlled environment, perform penetration testing, document results, investigate and propose mitigations for identified vulnerabilities, and work with team members as to mitigate the identified vulnerabilities.
The Security Analyst will also serve as an escalation point for addressing any threats identified by the enterprise security tools and processes.
Responsibilities:
- Perform research, analysis, and testing of network, application, physical and procedural vulnerabilities via vulnerability assessment, penetration test and/or social engineering.
- Perform vulnerability scanning of SonicWall products, workstations, servers, and appliances in the backend network.
- Perform internal vulnerability assessments and penetration tests prior to external audits.
- Clearly outline and portray test findings via well documented reports.
- Review IDS and or firewall signature / rule sets and make recommendations for improvement.
- Acquire a comprehensive technical understanding of all products in the SonicWALL product line and the underlying hardware/software technologies within the solution stack to enable technical leadership through the analysis stage to resolution of issues.
- Work with other team members to respond to any alerts and/or threats identified by the security tools and processes.
- Identify, research, and assist in the implementation of any security tools and/or processes to improve the overall security posture.
- Maintain up-to-date detailed knowledge of the IT security threats and plan, prioritize, and implement, mitigation controls as necessary.
- Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
- Participate in investigations into problematic activity.
- Experience or familiarity with securing Microsoft SQL databases and IIS web services.
- Working technical knowledge of vulnerability scanning and remediation, traffic monitoring, and log analysis.
- Provide on-call support if necessary for all in-place security solutions.
- Perform other duties as assigned.
Required Qualifications:
- 10 or more years of overall experience in the information security field.
- College diploma or university degree in the field of computers or engineering and/or 6 years equivalent work experience.
- Pen Tester, Penetration Tester, Spirent, BreakingPoint, KeySight, vulnerabilities, GPEN, Nmap, Nessus, Metasploit, Securityforest Exploitation framework, CORE IMPACT, testing, security.
- 5+ years’ experience of Professional Web-Application Development or Source Code Review (C/C++, C#, VB.NET, ASP, PHP, and Java).
- Knowledge of web architecture and protocols (HTTP(S), TCP/IP, ARP, SMTP, DNS, etc.)
- Must understand how data flows through an application and connected components (SMTP, LDAP, Database servers) and common software security issues and remediation techniques.
- Proven analytical skills and technical competence, ideally in a manager or team lead.
- Microsoft Certified Systems Administrator: Security.
- Certified Ethical Hacker (CEH) Knowledge & Experience.
- Strong people manager and motivator, with strong team coaching and people development skills.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
- Demonstrable presentation skills.
- Strong communicator.
- Self-starter, motivated and positive.
- Strong hands on leader
SonicWall is an equal opportunity employer.
We are committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, and other protected status as required by applicable law.
At SonicWall, we pride ourselves on recruiting a diverse mix of talented people and providing active security solutions in 215 countries.
#Remote
#LI-KB7
Tags: Audits C C++ CEH Core Impact DNS Firewalls GPEN IDS Java LDAP Log analysis Metasploit Monitoring Nessus Nmap Pentesting PHP Security assessment SMTP SQL TCP/IP Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs