Infoblox is looking for a Red Team/Senior Security Pentest Engineer to augment our growing Cyber Security Engineering team. Primary responsibilities will include performing vulnerability management and penetration testing of cloud-based infrastructure and applications, as well as analyzing emerging cyber threats and vulnerabilities as part of the Product Security Incident Response Team (PSIRT).
Joining the Infoblox Cyber Intelligence Team means you will be part of an environment that encourages teamwork. You will be partnering with other teams in the Office of the CTO, Product Management, and Engineering where you will work on both greenfield projects/products as well as existing products and services. Infoblox leadership promotes a balance between collaboration and autonomy, allowing you to utilize your expertise as well as develop new skills.
As the ideal candidate, you are an experienced, highly-motivated Pen Test Leader, interested in learning new technologies and staying up-to-date with the cyber threat landscape. You work well in a highly dynamic environment, along with peers and Senior Security Analysts, to research and assess vulnerabilities, threats, and attacks on enterprise products and environments. You are constantly innovating to improve the management and incident response procedures, practices, and tooling. You can quickly access information and data sources to determine priorities, and provide concise reporting of the issues in professional technical and business terms.
- Independently perform collection, analysis, and research of system, network, and application vulnerabilities and threats
- Analyze and respond to relevant security alerts from multiple sources
- Conduct formal tests on web-based applications, networks, and other types of computer systems on a regular basis
- Simulate attacks on networks, firewalls, operating systems, and web applications
- Create reports of vulnerability assessments and pen test results, and present them to key stakeholders, system owners, architects, and product managers
- Track the remediation/mitigation of known vulnerabilities, and drive them to resolution
- Perform incident response tasks as part of a PSIRT
- Continuously improve the management and incident response procedures, practices, and tooling
- 8+ years experience in a technical or security focused role
- 5+ years of technical experience with vulnerability management, penetration testing, and incident response
- Strong familiarity with Linux/Unix and Mac OS X operating systems
- Strong written and verbal communication skills
- Experience explaining highly technical and complex issues to non-technical business partners
- Experience managing 3rd party pen test engagements
- Experience with Amazon Web Services (EC2, VPC, ELB, S3, CloudFormation, etc) is a plus
- The ability to write shell scripts, Python, Java, Go, or other common modern languages
- The ability to execute in a dynamic environment where the expectations are not fully defined or are rapidly changing
- Absolute integrity and ethics
- MS or BS in Computer Science or related field, or equivalent work experience required
- Security certifications (CISSP, AWS-SA, GPEN, GMON, GWAPT, OSCP, etc) are a plus
- Work with a world-class Cyber Security Engineering team in a rapidly growing company
- A career path with opportunities to grow your career
- Onsite amenities and/or flexible work from home policy
- Discretionary Paid Time Off policy to promote a healthy work/life balance + world-class benefits
- And many, many more perks!