Dallas, USA
73 days ago
Senior Penetration Testing Consultant

Role : Senior Penetration Testing Consultant

Location : Dallas TX - Hybrid role , in-office presence required

BlueYonder is seeking a Senior Penetration Testing Consultant who would be responsible for leading and conducting penetration test activities against our private and public network, etc. As needed, this candidate will also conduct Penetration Test for the customer environments. This member will play a key role in evolving our Red Team. This role will be a senior role and someone with strong experience is preferred. 

The candidate would work with leading PenTest vendors to create SOWs and engage penetration testing activities as needed. The candidate would also create a solid internal penetration testing program to determine the security posture of the organization and provide meaningful feedback to the stakeholders.

Responsibilities

Create and maintain a solid penetration testing program for the organization, a key role within security organizationConduct all the penetration activities for the BlueYonder infrastructureCo-ordinate customer requests for penetration testingFocus on all the phases of penetration testing including, Information gathering, scanning, execution, post-exploitation, custom/meaningful reporting, remediation activitiesOut of several thousand assets, identify the assets that need prioritization to be assessedPotential to expand to a Red team with a focus on validating the security controls and security tools that are in placeThis candidate would ultimately create awareness about the extent of compromise one could make with the current security posture – so that the asset owners can truly understand the security posture of their products and their networkCreates processes for the penetration testing program considering all the phases of the programLeverage vulnerability scan results from all the scannersLeverage threat intelligence information to raise the bar on PenTesting programEvaluate threats, vulnerabilities and risk in the cloud platform like Azure, AWS, etc.Be responsible for not only identification of results but to provide solid feedback to the stake holders and to reduce the risk exposureCapable of validating security controls that are in place with the organization like intrusion prevention systems and intrusion detection systems, etc.An expert in post exploitation to truly determine the extent of compromise, upon identifying vulnerabilitiesDescribe the root cause and impacts to the asset ownersDemonstrate the risk through verbal and video demonstration in layman terms as neededReduce the open vulnerabilities by providing remediation guidance and feedback as neededDocument and track all the hacking activities for Management and auditorsRepresent the team for internal and external auditors as neededReview reports for each assessment before it is sent to the asset owners or to the customersParticipate in and assist with incident response team, as appropriate.Generate metrics for the Management as needed.Prepare system security reports by collecting, analyzing, and summarizing data and trendsAny other security related duties assigned by the Management.

Qualifications

7- 8 years of proven experience in Penetration testing or Red Teaming; a Master’s degree can be substituted for 2 years of experience.Strong expertise in Vulnerability and Threat Management, Penetration Testing, gathering and condensing threat intelligence into actionable and meaningful communication materials.Bachelor’s degree in information security or Information Technology or Computer Science or related fieldsDeep and diverse experience architecting and implementing network security designs.Expert in network security, system security and endpoint security.Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.Proven experience with products dealing with vulnerability management services which include Retina, Qualys, Tenable, Nexpose, Kali Linux, Metasploit, Core Impact, Immunity Canvas, Burp Suite, Cobalt Strike, Blood Hound, etc.Excellent customer service including strong written and oral communication skills.Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.Certifications such as OSCP, OSCE, CEH, CISSP or equivalent.Results oriented and attention to details.Ability to work in different shifts to partner with the global team.

#LI-SR1

-------------------------------------------

The Salary Range for this position is $105,261.54 to $132,738.45

The salary range information provided, reflects the anticipated base salary range for this position based on current national data.  Minimums and maximums may vary based on location.  Individual salary will be commensurate with skills, experience, certifications or licenses and other relevant factors.  In addition, this role will be eligible to participate in either the annual performance bonus or commission program, determined by the nature of the position.

At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options that includes: 

Comprehensive Medical, Dental and Vision 

401K with Matching 

Flexible Time Off 

Corporate Fitness Program 

Wellbeing Days 

A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more

At Blue Yonder, we are committed to a workplace that genuinely fosters inclusion and belonging in which everyone can share their unique voices and talents in a safe space. We continue to be guided by our core values and are proud of our diverse culture as an equal opportunity employer. We understand that your career search may look different than others, and embrace the professional, personal, educational, and volunteer opportunities through which people gain experience.

Our Values


If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values

Diversity, Inclusion, Value & Equality (DIVE) is our strategy for fostering an inclusive environment we can be proud of. Check out Blue Yonder's inaugural Diversity Report which outlines our commitment to change, and our video celebrating the differences in all of us in the words of some of our associates from around the world.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Confirm your E-mail: Send Email