Principal Penetration Testing Engineer (InfoSec)

Company Description

Our Mission

At Palo Alto Networks® everything starts and ends with our mission: protecting our way of life in the digital age by preventing successful cyberattacks. It’s not a small goal. It isn’t simple either, but we aren’t in this for the easy answer. As a company with a foundation in challenging the way things are done, we’re looking for innovators with a dedication to THE best. In return, your career will have a tangible impact - one that's working toward technology that affects every level of society.

Our mission doesn’t happen by treading softly. It happens by defining an industry. It means building products that haven't been thought of. It means selling products with a solutions mindset. It means supporting the infrastructure of a company that moves at an incredible speed… intentionally… to stay ahead of the world’s next cyberthreat.

Job Description

Your Career

The Offensive Security team is seeking a Principal Offensive Security Engineer to support the team responsible for testing the security of all the products and services that make up the Palo Alto Networks product portfolio. This involves choreographing a complex routine of on-demand and continuous penetration testing practices involving multiple trusted third-party partners. We further supplement this with in-house penetration testing to ensure the requisite breadth and depth of coverage across the attack surface. 

The successful candidate will thrive in a fast-paced environment where energy, drive, and a collaborative approach are key to success.

Your Impact

• Engage with business owners in pre-engagement activities including scope definition, environment setup and scheduling

• Conduct application layer penetration tests against SAAS applications and service APIs

• Conduct source code reviews when needed

• Prepare and deliver technical reports to business owners and InfoSec partners

• Assist, as a subject matter expert, in remediation planning and execution

• Assist with security investigations, root-cause analysis and corrective measures as required

• Occasionally plan and manage engagements to be executed by external partners when needed

• Assist in the management of application security programs like continuous scanning, bug bounty, secure development lifecycle and others

• Stay current on exploitation and post-exploitation techniques and incorporate them into the penetration testing arsenal

Qualifications

Your Experience

• 5 - 7 years of experience in application penetration testing

• Must have the ability to conduct manual and automated assessment of applications

• Must have the ability to effectively work with remote peers

• Excellent written and verbal communication skills

• Ability to establish priorities, work independently and proceed with objectives

• Must be well organized and able to leverage best practices, able to thrive in fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude

• Public speaking and demonstrated thought leadership in the security space

Additional Information

The Team 

We’re not your ordinary Information Security team. We’re a diverse group of security professionals who challenge the status quo in order to protect Palo Alto Networks and our customers.

Driving innovation on the Information Security team of the fastest-growing high-tech cybersecurity company is a once-in-a-lifetime opportunity. You’ll be joined by the brightest minds in technology, and our global teams are on the front line of defense against cyberattacks.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
 

#LI-1234