Berkadia Commercial Mortgage LLC

Senior Red Team Engineer III

Berkadia Commercial Mortgage LLC$100K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Electronics Engineering, Computer Science, Information Technology, or similar field.
  • 4 years of hands-on experience in conducting end-to-end internal penetration tests.
  • Proficiency with tools like Metasploit, BurpSuite, Kali Linux, and nmap.
  • 2 years of experience in maintaining AWS and Azure cloud infrastructures with Terraform.
  • 2 years of experience in Agile development using Python and Bash.
  • 2 years of experience with Docker and Kubernetes for container management.
  • 2 years of experience in TCP/IP networking and firewalls, both on-premises and cloud-based.

Responsibilities

  • Manage and conduct internal penetration tests on critical web applications.
  • Document findings with proof of concepts for replication of issues.
  • Publish results into the Vulnerability Management platform and track remediation progress.
  • Create regular reports on internal penetration testing findings and metrics.
  • Maintain the penetration testing environment and secure server deployments.
  • Update and maintain documentation per best practices.
  • Provide quarterly updates on compliance with NIST pen testing frameworks.

Benefits

  • Remote work flexibility up to 3 days per week at employer's discretion.
  • Opportunities for mentorship and skill development in a technical setting.
Full Job Description
Berkadia Commercial Mortgage, LLC seeks a Senior Red Team Engineer III (Ambler, PA) to manage and conduct internal penetration tests on mission-critical internal web applications including network scanning, foot printing, fingerprinting, process enumeration, exploitation, escalation, and exfiltration. Document the results of all findings of internal penetration tests providing evidence/POC (Proof of Concepts) for each finding and how to replicate the results of each finding. Publish the results of internal penetration tests into our Vulnerability Management platform and track the progress of ongoing remediations and provide technical assistance where needed. Build and publish reports showing the following: quarterly, monthly, and yearly internal penetration testing findings and remediation data MTTR (Mean Time to Remediation) compliance metrics; applications to be tested and historical data going back 12 months; YoY trend data for each application tested; maintain the penetration testing environment including deploying the Kali Linux (or other penetration testing Operating System) to a secure jump-box location within the network and maintaining it. Maintain and update internal penetration testing documentation ensuring that it is up to date with best practices. Provide quarterly updates to our CRM (Cyber Risk Management) team regarding our compliance with NIST (National Institute of Standards and Technology) pen testing frameworks. Lead efforts with development teams to ensure that Berkadia Web Applications are implementing all required HTTP security headers. Manage and maintain all WAF (Web Application Firewall) policies and updates. Be a technical subject matter expert to mentor more junior engineers working on vulnerability remediations.

REQUIREMENTS: Bachelor's degree, or foreign equivalent, in Electronics Engineering, Computer Science, Information Technology, or closely related field. Must have (4) years of experience conducting internal penetration tests from start to end including documentation and remediations of all findings using Metasploit, BurpSuite, Kali Linux, and nmap.

Of the (4) years, must have the following:
  • (2) years' experience maintaining modern cloud infrastructures in AWS and Azure environments including experience with Terraform;
  • (2) years experience in Agile development, including Python, and Bash;
  • (2) years' experience managing and deploying Docker container-based assets using Kubernetes;
  • (2) years' experience utilizing TCP/IP networking both on-premises and in a cloud-based environment including network and web application firewall configuration.

Remote work available up to 3 days per week at employer discretion. Must live within commuting distance of Ambler, PA.

#LI-DNI

About Berkadia Commercial Mortgage LLC

Berkadia Commercial Mortgage LLC is a leading commercial real estate finance company that provides mortgage banking, investment sales, and servicing solutions for multifamily and commercial properties. The company offers a wide range of financing options, including Fannie Mae, Freddie Mac, HUD/FHA, CMBS, life company, bridge, mezzanine, and preferred equity. Berkadia Commercial Mortgage LLC was founded in 2009 and is headquartered in Horsham, Pennsylvania.
Learn more about Berkadia Commercial Mortgage LLC
Size
1,500 employees
Industry
Founded
2009

Similar Jobs

More Jobs at Berkadia Commercial Mortgage LLC

More Information Technology Jobs

Find similar Senior Red Team Engineer III jobs: