Job Summary

A Sr. Penetration Tester manages and leads a technical team responsible for conducting internal and external Vulnerability Assessment and Penetration Testing activity. He/she oversees the continuous security assessments and schedule scanning activities. Additionally, he/she is responsible in Vulnerability Management and Mitigation (VMM), which focuses on vulnerability identification, prioritization and reporting across both on-premises and cloud-based system, infrastructure and network devices spanning both Multisys technologies enterprise and service provider network.

General

Reports directly to the Vice President (VP) and Chief Information Security Officer (CISO); Performs continuous scanning for Multisys systems, infrastructure, and network to identify vulnerabilities; Manages and schedules all Multisys IT systems and infrastructure for Vulnerability Scanning; Acts as a subject matter expert in vulnerability management and penetration testing (VAPT); Ensures all systems comply with Multisys Security Standards; Directs cross-functional, cross-department teams in remediating security vulnerabilities, ensuring regular communication of status and work products to mitigate intended vulnerabilities; Leads large-scale information security projects, including the implementation and delivery of new infrastructure security scanning capabilities; Mentors and coaches’ direct reports to ensure success in their roles; Partners with teams to align technology implementation processes and reduce vulnerabilities; Manages and engages 3rd party service providers for VAPT projects. Stays updated with industry-leading vulnerability and software security vendors, informing product roadmaps; Supports the continuous improvement of the vulnerability management program initiatives, process, and technology integration; Assesses, documents, and validates vulnerability management practices across the business to ensure compliance with company policies and standards; Prepares and presents daily, weekly, monthly, quarterly, and annual reports, as required by the Immediate Superior; Assists and participates in human resources and other company activities; and Performs other related tasks as assigned.

Vulnerability Management and Mitigation

Develops and implements effective vulnerability management processes and procedures; Identifies, prioritizes, and reports vulnerabilities across on-premises and cloud-based systems, infrastructure, and network devices; Collaborates with relevant stakeholders to address identified vulnerabilities and ensure timely remediation; and Stays informed about the latest industry trends, best practices, and tools related to vulnerability management.

Penetration Testing:

Conducts comprehensive penetration testing activities to identify potential vulnerabilities and exploit them within ethical boundaries; Analyzes and reports findings from penetration testing assessments, including recommended remediation actions; Collaborates with IT teams to implement necessary security measures and safeguards based on identified vulnerabilities; and Stays up to date with emerging threats and techniques related to penetration testing.