TUV Rheinland North America Group
Senior Penetration Tester (Remote)
TUV Rheinland North America Group, Pleasanton, California, United States, 94566
Joining TÜV Rheinland means working for one of the world's leading testing, inspection, and certification service providers with more than 20,000 employees globally. Our employees are our most important asset. That is why we invest in their development and offer competitive pay, multiple health insurance plan options, and a 401(k) with up to 6% company match. At the same time we live an international, team-oriented culture characterized by respect, collegiality and openness. This enables our employees to develop their potential, apply new knowledge and methods directly - and plan a long-term career with real opportunities for advancement.
SUMMARY
A senior penetration tester is needed to conduct penetration testing across multiple disciplines, assess and secure IoT systems and devices, and conduct thorough penetration tests on various networks, mobile devices, applications, and infrastructures. The candidate must have a minimum of 5 years of experience as a penetration tester.
As a senior tester, the candidate is also expected to be able to interface with clients regularly, occasionally support sales efforts, and manage their workload with minimal oversight. The willingness to contribute scripting/tools/methodology to help keep the TUV Rheinland Testing Team. You will be expected to stay current with the latest vulnerabilities and threats, and up to date with new industry advancements is also a requirement.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
Conduct comprehensive penetration testing on hardware, software, and network components.Perform vulnerability discovery and exploitation in web and mobile applications, API, databases, and operating systems.Accurately document and report on findings discovered during penetration testing activities.As needed, develop additional tools, scripts, and methodologies to help keep TUV Rheinland competitive.Contribute to continually improving testing team knowledge and supporting testing methodology improvements.Occasionally provide pre-sales support as a Subject Matter Expert to help sales understand and interpret client needs and expectations for potential upcoming engagements.Performs off-hours work as necessary, occasionally requiredWorking with Account Teams to identify new opportunities with customers/prospectsQUALIFICATIONS & REQUIREMENTS:
Knowledge, Skill, & Abilities
Hands-on experience in IoT security assessments analyzing software, firmware, hardware, and components within the system.Strong knowledge of common security frameworks, protocols, and attack vectors (e.g., OWASP, NIST, ISO).Thorough understanding of networking, operating systems (*nix/Mac/Windows)Ability to perform analysis of network trafficSolid understanding of cloud security, network protocols, and secure development practices.Mobile application security testingMedical device penetration testing experienceKnowledge of OT and/or Automotive testing is beneficialScripting and programming knowledge (e.g., Python, Bash, C) is a plus.Excellent verbal and written communication skills, with an ability to explain complex security topics to non-technical stakeholders.Ability to work both independently and in a team-oriented, collaborative environment.Education
Bachelor's degree in computer science or similar preferredExperience
Minimum 10 years of general IT experience (networking, IT support, Blue Team, or development-type roles)2 years experience in IoT/Medical Device penetration testingCertifications
OSCP, GPEN, CRTP, or equivalent certificationsPHYSICAL DEMANDS & WORK ENVIRONMENT
Work may be sedentary, consisting of sitting for long periods and working at a computer.Physical effort may require lifting up to 25 pounds.Equipment Used
Laptop or Desktop ComputerPhone or HeadsetTravel Required
Ability to travel up to 20%
TUV Rheinland North America EEO Statement
As a global business, TUV Rheinland North America relies on diversity of culture and thought to deliver on our goal of Creative People, Practical solutions serving our client needs, and ensures nondiscrimination in all programs and activities in accordance with Title VI and VII of the Civil rights Act of 1964. We continuously seek talented, qualified employees in our world-wide operations regardless of race, color, sex/gender, including gender identity and expression, sexual orientation, pregnancy, national origin, religion, disability, age, marital status, citizen status, protected veteran status, or any other protected classification under country or local law. TUV Rheinland North America is proud to be an Equal Employment Opportunity/ Affirmative Action Employer/ Federal Contractor desiring priority referrals of all protected veterans for job openings.
#LI-remote
SUMMARY
A senior penetration tester is needed to conduct penetration testing across multiple disciplines, assess and secure IoT systems and devices, and conduct thorough penetration tests on various networks, mobile devices, applications, and infrastructures. The candidate must have a minimum of 5 years of experience as a penetration tester.
As a senior tester, the candidate is also expected to be able to interface with clients regularly, occasionally support sales efforts, and manage their workload with minimal oversight. The willingness to contribute scripting/tools/methodology to help keep the TUV Rheinland Testing Team. You will be expected to stay current with the latest vulnerabilities and threats, and up to date with new industry advancements is also a requirement.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
Conduct comprehensive penetration testing on hardware, software, and network components.Perform vulnerability discovery and exploitation in web and mobile applications, API, databases, and operating systems.Accurately document and report on findings discovered during penetration testing activities.As needed, develop additional tools, scripts, and methodologies to help keep TUV Rheinland competitive.Contribute to continually improving testing team knowledge and supporting testing methodology improvements.Occasionally provide pre-sales support as a Subject Matter Expert to help sales understand and interpret client needs and expectations for potential upcoming engagements.Performs off-hours work as necessary, occasionally requiredWorking with Account Teams to identify new opportunities with customers/prospectsQUALIFICATIONS & REQUIREMENTS:
Knowledge, Skill, & Abilities
Hands-on experience in IoT security assessments analyzing software, firmware, hardware, and components within the system.Strong knowledge of common security frameworks, protocols, and attack vectors (e.g., OWASP, NIST, ISO).Thorough understanding of networking, operating systems (*nix/Mac/Windows)Ability to perform analysis of network trafficSolid understanding of cloud security, network protocols, and secure development practices.Mobile application security testingMedical device penetration testing experienceKnowledge of OT and/or Automotive testing is beneficialScripting and programming knowledge (e.g., Python, Bash, C) is a plus.Excellent verbal and written communication skills, with an ability to explain complex security topics to non-technical stakeholders.Ability to work both independently and in a team-oriented, collaborative environment.Education
Bachelor's degree in computer science or similar preferredExperience
Minimum 10 years of general IT experience (networking, IT support, Blue Team, or development-type roles)2 years experience in IoT/Medical Device penetration testingCertifications
OSCP, GPEN, CRTP, or equivalent certificationsPHYSICAL DEMANDS & WORK ENVIRONMENT
Work may be sedentary, consisting of sitting for long periods and working at a computer.Physical effort may require lifting up to 25 pounds.Equipment Used
Laptop or Desktop ComputerPhone or HeadsetTravel Required
Ability to travel up to 20%
TUV Rheinland North America EEO Statement
As a global business, TUV Rheinland North America relies on diversity of culture and thought to deliver on our goal of Creative People, Practical solutions serving our client needs, and ensures nondiscrimination in all programs and activities in accordance with Title VI and VII of the Civil rights Act of 1964. We continuously seek talented, qualified employees in our world-wide operations regardless of race, color, sex/gender, including gender identity and expression, sexual orientation, pregnancy, national origin, religion, disability, age, marital status, citizen status, protected veteran status, or any other protected classification under country or local law. TUV Rheinland North America is proud to be an Equal Employment Opportunity/ Affirmative Action Employer/ Federal Contractor desiring priority referrals of all protected veterans for job openings.
#LI-remote