Blue Yonder
Senior Penetration Testing Consultant
Blue Yonder, Scottsdale, Arizona, us, 85261
Role:
Senior Penetration Testing ConsultantLocation: Dallas TX - Hybrid role requiring in-office presenceSynonymous Business Title:
Senior Risk AssessorBlueYonder is seeking a Senior Penetration Testing Consultant who would be responsible for leading and conducting penetration test activities against our private and public network. As needed, this candidate will also conduct Penetration Tests for customer environments. This member will play a key role in evolving our Red Team. Strong experience is preferred for this senior role.The candidate will work with leading Pen Test vendors to create SOWs and engage in penetration testing activities as needed. They will also create a solid internal penetration testing program to determine the security posture of the organization and provide meaningful feedback to stakeholders.Responsibilities:Create and maintain a solid penetration testing program for the organization.Conduct all penetration activities for the BlueYonder infrastructure.Coordinate customer requests for penetration testing.Focus on all phases of penetration testing including information gathering, scanning, execution, post-exploitation, custom reporting, and remediation activities.Identify assets that need prioritization for assessment.Potential to expand to a Red Team focusing on validating security controls and tools in place.Create awareness about the extent of compromise possible with the current security posture.Create processes for the penetration testing program.Leverage vulnerability scan results from all scanners.Utilize threat intelligence information to enhance the Pen Testing program.Evaluate threats, vulnerabilities, and risks in cloud platforms like Azure and AWS.Provide solid feedback to stakeholders to reduce risk exposure.Validate security controls such as intrusion prevention and detection systems.Expert in post-exploitation to determine the extent of compromise.Document and track all hacking activities for management and auditors.Represent the team for internal and external auditors as needed.Review reports for each assessment before sending them to asset owners or customers.Participate in and assist with the incident response team as appropriate.Generate metrics for management as needed.Prepare system security reports by collecting, analyzing, and summarizing data and trends.Perform any other security-related duties assigned by management.Qualifications:7-8 years of proven experience in penetration testing or Red Teaming; a Master's degree can substitute for 2 years of experience.Strong expertise in Vulnerability and Threat Management, Penetration Testing, and gathering actionable threat intelligence.Bachelor's degree in Information Security, MIS, Computer Science, or related fields.Deep experience in architecting and implementing network security designs.Expert in network, system, and endpoint security.Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.Proven experience with vulnerability management products such as Retina, Qualys, Tenable, and others.Excellent customer service and strong written and oral communication skills.Demonstrated understanding of information security concepts, standards, and practices.Certifications such as OSCP, OSCE, CEH, CISSP or equivalent.Results-oriented with attention to detail.Ability to work in different shifts to partner with the global team.The Salary Range for this position is $105,261.54 to $132,738.45. The salary range reflects the anticipated base salary based on current national data. Individual salary will be commensurate with skills, experience, certifications, and other relevant factors. This role will also be eligible for an annual performance bonus or commission program.At Blue Yonder, we care about the wellbeing of our employees and their families. This is reflected in our robust benefits package, which includes:Comprehensive Medical, Dental, and Vision401K with MatchingFlexible Time OffCorporate Fitness ProgramA variety of voluntary benefits including Legal Plans, Accident and Hospital Indemnity, Pet Insurance, and moreAt Blue Yonder, we are committed to fostering an inclusive environment where everyone can share their unique voices and talents. We are proud of our diverse culture as an equal opportunity employer. We embrace the professional, personal, educational, and volunteer opportunities through which people gain experience.Our ValuesIf you want to know the heart of a company, take a look at their values. Ours unite us and drive our success. Does your heart beat like ours? Find out here: Core ValuesDiversity, Inclusion, Value & Equity (DIVE) is our strategy for fostering an inclusive environment. We are committed to change and celebrate the differences in all of us.All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
#J-18808-Ljbffr
Senior Penetration Testing ConsultantLocation: Dallas TX - Hybrid role requiring in-office presenceSynonymous Business Title:
Senior Risk AssessorBlueYonder is seeking a Senior Penetration Testing Consultant who would be responsible for leading and conducting penetration test activities against our private and public network. As needed, this candidate will also conduct Penetration Tests for customer environments. This member will play a key role in evolving our Red Team. Strong experience is preferred for this senior role.The candidate will work with leading Pen Test vendors to create SOWs and engage in penetration testing activities as needed. They will also create a solid internal penetration testing program to determine the security posture of the organization and provide meaningful feedback to stakeholders.Responsibilities:Create and maintain a solid penetration testing program for the organization.Conduct all penetration activities for the BlueYonder infrastructure.Coordinate customer requests for penetration testing.Focus on all phases of penetration testing including information gathering, scanning, execution, post-exploitation, custom reporting, and remediation activities.Identify assets that need prioritization for assessment.Potential to expand to a Red Team focusing on validating security controls and tools in place.Create awareness about the extent of compromise possible with the current security posture.Create processes for the penetration testing program.Leverage vulnerability scan results from all scanners.Utilize threat intelligence information to enhance the Pen Testing program.Evaluate threats, vulnerabilities, and risks in cloud platforms like Azure and AWS.Provide solid feedback to stakeholders to reduce risk exposure.Validate security controls such as intrusion prevention and detection systems.Expert in post-exploitation to determine the extent of compromise.Document and track all hacking activities for management and auditors.Represent the team for internal and external auditors as needed.Review reports for each assessment before sending them to asset owners or customers.Participate in and assist with the incident response team as appropriate.Generate metrics for management as needed.Prepare system security reports by collecting, analyzing, and summarizing data and trends.Perform any other security-related duties assigned by management.Qualifications:7-8 years of proven experience in penetration testing or Red Teaming; a Master's degree can substitute for 2 years of experience.Strong expertise in Vulnerability and Threat Management, Penetration Testing, and gathering actionable threat intelligence.Bachelor's degree in Information Security, MIS, Computer Science, or related fields.Deep experience in architecting and implementing network security designs.Expert in network, system, and endpoint security.Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.Proven experience with vulnerability management products such as Retina, Qualys, Tenable, and others.Excellent customer service and strong written and oral communication skills.Demonstrated understanding of information security concepts, standards, and practices.Certifications such as OSCP, OSCE, CEH, CISSP or equivalent.Results-oriented with attention to detail.Ability to work in different shifts to partner with the global team.The Salary Range for this position is $105,261.54 to $132,738.45. The salary range reflects the anticipated base salary based on current national data. Individual salary will be commensurate with skills, experience, certifications, and other relevant factors. This role will also be eligible for an annual performance bonus or commission program.At Blue Yonder, we care about the wellbeing of our employees and their families. This is reflected in our robust benefits package, which includes:Comprehensive Medical, Dental, and Vision401K with MatchingFlexible Time OffCorporate Fitness ProgramA variety of voluntary benefits including Legal Plans, Accident and Hospital Indemnity, Pet Insurance, and moreAt Blue Yonder, we are committed to fostering an inclusive environment where everyone can share their unique voices and talents. We are proud of our diverse culture as an equal opportunity employer. We embrace the professional, personal, educational, and volunteer opportunities through which people gain experience.Our ValuesIf you want to know the heart of a company, take a look at their values. Ours unite us and drive our success. Does your heart beat like ours? Find out here: Core ValuesDiversity, Inclusion, Value & Equity (DIVE) is our strategy for fostering an inclusive environment. We are committed to change and celebrate the differences in all of us.All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
#J-18808-Ljbffr