Senior Penetration Tester
Washington, DC or Remote
We are looking for a passionate and experienced Senior Penetration Tester with a broad range of experience working in cloud-native environments. You will join a security team that believes in enabling rather than blocking the business through DevSecOps principles and will use your offensive talents to improve the security posture of the organization. You believe that effective application security requires not only discovering vulnerabilities but also partnering with engineering to educate on secure coding principles.
Join Rally Health as a Senior Security Engineer (penetration tester), where you will perform multi-week engagements of high-criticality assets. You will also work with Engineering and DevOps teams to guide remediation of security issues. As part of the Rally security team, you will report to the information security manager and help guide a cohort of Security Advocates in secure development practices.
- Prioritize and lead in-depth, multi-week internal penetration tests against web and mobile applications and network and cloud infrastructure. No compliance checkboxes here!
- Provide detailed engagement reports to technical and non-technical stakeholders
- Mentor others by teaching the latest penetration testing techniques
- Eliminate entire classes of vulnerabilities by working with the larger DevSecOps team
- 5+ years of experience in a security or engineering function, with at least 3 years of hands-on experience in a penetration testing role
- Experience attacking web, micro-service, and mobile assets on cloud networks such as AWS
- Experience in software development and scripting languages (Python, Go, Bash, Scala, NodeJS, etc.)
- Experience with Kubernetes environments and offensive containerization techniques strongly preferred
- Nice to have certifications: eCPPT, OSCP, GPEN, GWAPT, or AWS Security Specialty
- BS in Computer Science, Engineering or related technical role or equivalent experience
Please note that hiring for this position will only be considered in the following states: AZ, CA, DC, FL, IL, MD, MN, NC, NJ, NV, NY, OR, PA, TN, TX, VA, or WA.
Rally Health™ is about putting health in the hands of the individual. With our easy-to-use online and mobile tools, we empower people by helping them take charge of their health and health care. Our culture is built on a belief of helping people live healthier lives, and we know that a diverse workforce enriches us with the talent, perspective and inspiration we need to achieve our mission. Rally knows that we are strongest when our teams reflect the diversity of the world around us, and when Rallyers can do their best work in a workplace where they feel a sense of belonging.
- Great compensation package
- Comprehensive benefits package for full-time employees, including medical, dental, vision coverage, stock purchase plan, and 401(k)
- Wellness programs, including physical and mental health services
- Flexible paid time off for full-time employees & paid leave for new parents
Rally Health believes in a policy of equal employment and opportunity for all people. It is our policy to train and promote individuals in all job titles, and administer all programs, without regard to race, color, religion, national origin or ancestry, citizenship, sex, age, marital status, pregnancy, childbirth or related medical conditions, personal appearance, sexual orientation, gender identity or expression, family responsibilities, genetic information, disability, matriculation, political affiliation, veteran status, union affiliation, or any other category protected by applicable federal, state or local laws.
Individuals with disabilities and veterans are encouraged to apply. Applicants who require an accommodation related to the application or review process should notify Talent Acquisition (email@example.com).
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.