Cyber Vulnerability & Penetration Tester II
United States - Remote
Applications have closed
Rackspace
As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.
Overview:
Responsible for conducting vulnerability assessment scans, assisting with penetration testing, exposing security vulnerabilities and risks, and recommending solutions to mitigate such vulnerabilities
Contributes to building and delivering services, solutions and processes that enable security defects to be found, fixed or avoided before applications are released to production
Tracks public and privately released vulnerabilities and assists in the corporate triage process including identification, criticality evaluation, remediation planning, communications, and resolution
Conducts vulnerability assessment scans, exposing security vulnerabilities and risks and recommending solutions to mitigate such vulnerabilities
About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know. Position is available for remote work in the following states unless otherwise specified. Alabama, Arizona, Arkansas, California, Connecticut, Delaware, District of Columbia, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming.
Responsible for conducting vulnerability assessment scans, assisting with penetration testing, exposing security vulnerabilities and risks, and recommending solutions to mitigate such vulnerabilities
Contributes to building and delivering services, solutions and processes that enable security defects to be found, fixed or avoided before applications are released to production
Tracks public and privately released vulnerabilities and assists in the corporate triage process including identification, criticality evaluation, remediation planning, communications, and resolution
Conducts vulnerability assessment scans, exposing security vulnerabilities and risks and recommending solutions to mitigate such vulnerabilities
You Will:
- Provides significant contributions to black-box testing, source code analysis, manual pen testing, and training
- Schedules and executes vulnerability/ penetration testing. Leads limited (in scope or complexity) engagements and provides end-to-end planning and execution for those engagements
- Reports out on vulnerability and penetration testing and works with business units to develop remediation plans
- Works closely with the Risk Management, ISOC and Intel teams. Keeps up with the changing nature of security threats
- Assesses the risk from not only a tactical perspective but also a strategic/global scale and apply these findings to aid in prioritizing remediation efforts. Interacts with business units to discover, triage and resolve security vulnerabilities with manual and automated tools to enforce security criteria as part of a Secure Development Life Cycle continuously
- Researches and investigates new and emerging vulnerabilities and participate in external security communities
You Have:
- 4 years Security Analyst experience with 2-4 years experience performing vulnerability assessments and penetration testing
- Experience applying ethical hacker techniques, phishing schemes, emerging logical security threats, and compromised server techniques
- Practised experience executing, ethical hacking and penetration testing
- Significant knowledge regarding security vulnerabilities, application analysis, and protocol analysis
- Strong attention to detail, verbal and written communication skills
- Strong analytical and problem-solving skills
- Knowledge of and practised experience with penetration testing and ethical hacking products
- Knowledge of and ability to manage vulnerability scans against a range of assets
- Experience devising methods to automate testing activities and streamline testing processes Practical experience with Linux and Windows operating systems
- Familiarity with common programming or scripting languages
- Ability to interpret and prioritize vulnerability scan results into remediation actions and track those actions through to completion
- Practiced knowledge performing vulnerability assessments against servers, workstations, web applications and other components
- Knowledge regarding security vulnerabilities, application analysis and protocol analysis
- Knowledge of methods for ongoing evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools)
- Ability to understand information security risks associated with vulnerability and penetration testing
- Knowledge of patching programs of major hardware/software manufacturers
- Knowledge of secure configuration and hardening of systems
- Ability to analyze vulnerabilities to appropriately characterize threats and provide remediation advice
- Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE)
Certifications:
- Current CEH, GPEN, CISSP, and GCIA certifications preferred
Education:
- Bachelor’s degree in Computer Science or related field required
- At the manager’s discretion, additional relevant experience may substitute for the degree requirement
- High school diploma or equivalent required
About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know. Position is available for remote work in the following states unless otherwise specified. Alabama, Arizona, Arkansas, California, Connecticut, Delaware, District of Columbia, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming.
Tags: CEH CISSP Code analysis Computer Science CVSS Ethical hacking GCIA GPEN Linux Pentesting Risk management Scripting Vulnerabilities Vulnerability scans Windows
Perks/benefits: Team events
Regions:
Remote/Anywhere
North America
Country:
United States
Job stats:
96
14
1
Category:
PenTesting Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs