Penetration Testing Principal Engineer - Remote

This is a very visible position responsible for all aspects of the SonicWALL Security products. We are looking for a Security Analyst to perform on-going vulnerability assessment and penetration testing of the SonicWALL security products and internal backend network. Serving as a member of the Security Assessment Test Team (SATT) responsible for improving the overall security posture of the enterprise network. The Security Analyst will run periodic scans, identify vulnerabilities, develop test plans for exploiting vulnerabilities in a controlled environment, perform penetration testing, document results, investigate and propose mitigations for identified vulnerabilities, and work with team members as to mitigate the identified vulnerabilities. 

The Security Analyst will also serve as an escalation point for addressing any threats identified by the enterprise security tools and processes. 

Responsibilities:

• Perform research, analysis, and testing of network, application, physical and procedural vulnerabilities via vulnerability assessment, penetration test and/or social engineering.
• Perform vulnerability scanning of SonicWall products, workstations, servers, and appliances in the backend network.
• Perform internal vulnerability assessments and penetration tests prior to external audits.
• Clearly outline and portray test findings via well documented reports.
• Review IDS and or firewall signature / rule sets and make recommendations for improvement.
• Acquire a comprehensive technical understanding of all products in the SonicWALL product line and the underlying hardware/software technologies within the solution stack to enable technical leadership through the analysis stage to resolution of issues.
• Work with other team members to respond to any alerts and/or threats identified by the security tools and processes.
• Identify, research, and assist in the implementation of any security tools and/or processes to improve the overall security posture.
• Maintain up-to-date detailed knowledge of the IT security threats and plan, prioritize, and implement, mitigation controls as necessary.
• Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
• Participate in investigations into problematic activity.
• Experience or familiarity with securing Microsoft SQL databases and IIS web services.
• Working technical knowledge of vulnerability scanning and remediation, traffic monitoring, and log analysis.
• Provide on-call support if necessary for all in-place security solutions.
• Perform other duties as assigned.

Required Qualifications:

• 10 or more years of overall experience in the information security field.
• College diploma or university degree in the field of computers or engineering and/or 6 years equivalent work experience.
• Pen Tester, Penetration Tester, Spirent, BreakingPoint, KeySight, vulnerabilities, GPEN, Nmap, Nessus, Metasploit, Securityforest Exploitation framework, CORE IMPACT, testing, security.
• 5+ years’ experience of Professional Web-Application Development or Source Code Review (C/C++, C#, VB.NET, ASP, PHP, and Java).
• Knowledge of web architecture and protocols (HTTP(S), TCP/IP, ARP, SMTP, DNS, etc.)
• Must understand how data flows through an application and connected components (SMTP, LDAP, Database servers) and common software security issues and remediation techniques.
• Proven analytical skills and technical competence, ideally in a manager or team lead.
• Microsoft Certified Systems Administrator: Security.
• Certified Ethical Hacker (CEH) Knowledge & Experience.
• Strong people manager and motivator, with strong team coaching and people development skills.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.
• Demonstrable presentation skills.
• Strong communicator.
• Self-starter, motivated and positive.
• Strong hands on leader

SonicWall is an equal opportunity employer. 

We are committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, and other protected status as required by applicable law. 

At SonicWall, we pride ourselves on recruiting a diverse mix of talented people and providing active security solutions in 215 countries. 

#Remote

#LI-KB7