As a Security Specialist (L0), you will play a crucial role in ensuring the security and integrity of client network environments, web applications, and REST APIs. Your primary responsibilities will include validating findings from automated technologies, conducting checklist-based penetration tests, generating vulnerability reports for our clients, and prioritizing continuous self-improvement to stay current with evolving security trends.
JOB LOCATIONS (2)
ABOUT THE JOB
Key Responsibilities:1. Validate Findings: Verify and validate the results generated by automated security testing technologies to ensure accuracy for client networks and web applications.2. Penetration Testing: Conduct penetration testing of client network environments and web applications using established frameworks, including but not limited to OWASP, PTES, and NIST, to identify vulnerabilities and weaknesses.3. Understanding of Technologies: Possess a high-level understanding of network, web technologies, APIs, and their interactions to effectively assess and test them for security vulnerabilities in client environments.4. Vulnerability Reporting: Prepare comprehensive vulnerability reports that include detailed write-ups, descriptions of identified issues, recommended remediation steps, and an assessment of the business-related impact for our clients.5. Deadline Management: Independently manage and prioritize your workload to ensure that project deadlines for our clients are met in a timely manner while maintaining the highest standards of quality and accuracy.6. Collaboration: Foster communication and collaboration with other team members and departments to share insights, findings, and best practices, as security is a collective effort for our clients.7. Retesting: Perform retesting of identified issues within client network, APIs, and web application environments to confirm that vulnerabilities have been successfully remediated.8. REST API Penetration Testing: Conduct penetration testing of REST API environments for our clients to identify security vulnerabilities and potential risks.Additional Expectations:1. Continuing Education: Commit to ongoing professional development, including participating in relevant training, certifications, and staying current with industry security trends.2. Self-Improvement: Proactively seek opportunities for self-improvement and skill development to enhance your capabilities as a security engineer.
OTHER
Offices are in Honolulu and New York City. Remote work is an option.