Penetration Testing Consultant - X-Force Red
Sao Paulo, Sao Paulo, BR
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Role and Responsibilities
Are you passionate about breaking into applications, networks, systems, databases, devices and other technologies to uncover security vulnerabilities and help fix them? Are you interested in joining a team of like-minded passionate experts, many of whom have decades of experience breaking into anything and everything to help organizations strengthen their security? If so, X-Force Red, IBM Security’s team of veteran hackers, is looking for a Global Security Consultant, and you may be the perfect fit.
The Global Security Consultant will be part of the X-Force Red Offensive Security team. The consultant’s primary duty is to perform penetration tests against clients’ application and network assets. Engagements typically range from two to four weeks. Secondary duties include assisting in the sales process with potential or existing clients, and acting as a client’s primary technical contact for projects delivered by other consultants. X-Force Red consultants provide subject matter expertise in the form of research, tooling, and consulting engagements.
You should have in-depth of knowledge and experience understanding a client’s environment, running tests against these environments, and escalating or gaining access to system by leveraging weak controls. The consultant must be able to rapidly learn new technologies and processes with minimal assistance. There is a potential for 25% travel, including international travel. Travel depends on project requirements.
Core Consulting Qualifications:
• Effective communication and presentation skills
• The ability to lead large groups and be a primary facilitator
• Demonstrated written skills
• Drive to do research, publications, blogs, presentations, etc.
• Comfortable working in a project based / client serving model
• Ability to lead and shape client expectations
• Help drive pursuits and engage in complex deals, matching outcomes to expectations
• Ability to work easily with diverse and dynamic teams
• Ability to work in a matrix management model
• Ability to self-start, and work independently on projects
• Preference for candidates with Secondary language skills
Todas as vagas são elegíveis para pessoas com deficiência e reabilitadas.
Required Technical and Professional Expertise
- 5+ years of penetration testing experience
- 5+ years of consulting experience
- 5+ years of system administration, network administration, or programming experience
- Ability to perform penetration tests against web applications plus at least one of the following: internal networks, wireless networks, mobile applications, thick-client applications, embedded applications, hardware
- Strong understanding of networks, firewalls, protocols, routing, and security technologies
- History of presenting at regional or major security conferences
- History of published research, blog posts, or other publications
- Effective English writing skills
- Experience coordinating security testing projects with multiple consultants
- Experience editing documents for grammar, clarity, and technical accuracy
Preferred Technical and Professional Expertise
- 2+ years of experience managing one or more of the following: Firewalls, IDS/IPS, Security Incident and Event Management (SIEM)
- Programming experience in one or more of the following: Java, .Net, Python, or Ruby
- CISSP, OSCP, or other technical certifications
- Experience in reverse engineering software or hardware
- Conversational fluency in a second language
- Hands-on experience in security aspects of compliance standards (ISO 27001, SSAE 16, COBIT, PCI, SOX, HIPAA, GLBA, etc.)
About Business Unit
IBM’s Cloud and Cognitive software business is committed to bringing the power of IBM’s Cloud and Watson/AI technologies to life for our clients and ecosystem partners around the world. IBM provides you with the most comprehensive and consistent approach to development, security and operations across hybrid environments—with complete software solutions for business and IT operations, development, data science, security, and management. Our experts and software capabilities help organizations develop applications once and deploy them anywhere, integrate security across the breadth of their IT estate, and automate operations with management visibility. With IBM, you also have access to new skills and methods, governance and management approaches, and a deep ecosystem of industry experts and partners.
Your Life @ IBM
What matters to you when you’re looking for your next career challenge?
Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities – where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust – where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.
Impact. Inclusion. Infinite Experiences. Do your best work ever.
IBM’s greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.
For additional information about location requirements, please discuss with the recruiter following submission of your application.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Job tags: AI CISSP CoBIT IDS IPS ISO 27001 Java Offensive Security OSCP PCI Penetration testing Python Ruby SIEM Vulnerabilities