Lab Summary: The Development QA(DQA) lab in Mountain View has a dual role that is first to research new automation tools as well as take current tools and refine them to our needs. Second, act as a centralized QA group to provide quality assessment by creating comprehensive E2E test strategy for various Endpoint security solution developed.
This duality provides a unique opportunity to explore new concepts in different technologies and perform original research in quality domain.
More details about project : Samsung Knox Position Summary: We are looking for a penetration tester, that conducts pre-authorized simulated cyberattacks on our groundbreaking B2B enterprise products and services to test system resilience.
In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques.
Our ideal candidate is a creative thinker and an excellent communicator who is comfortable working in a demanding, fast-paced environment. If you have a passion for security and a strong understanding of the latest technologies, we want to hear from you!
Responsibilities: Develop expertise in our product solutions, deep diving into design/architecture, & execute white box and black box penetration scenariosPlan, scope and conduct vulnerability assessment/ Penetration test on internal / external facing public assets such as Web application, Android platform, Android Apps, Backend APIs, and Cloud servicesResearch & and conduct adversary simulation for known security threats and identify novel attack vectors to test a system's relative security readinessConduct Threat modelling, Threat Intelligence and scoping with stakeholdersAssist in creating and maintaining internal penetration testing and practice within QA teamBuild Test harness & required Automation suites and validate attack vectors in Threat LabCreating and targeting journals publications on security researchVulnerability logging and tracking until closureCo-ordinate with program management, security architects at Internal & offshore sitesStays up to date on current tools, technologies, and vulnerabilities to incorporate into testing practicesResearch and developing exploits for zero-day vulnerabilitiesConduct secure source code analysis on products and servicesRequired Skills: BS in Cyber Security or Security relevant disciplines or equivalent combination of education, training and experience5+ years' experience in Penetration testing including 2+ year experience in Android and 1+ year experience in Web ApplicationComprehensive knowledge in Information Security practices on malware, phishing attacks, attack vectors and methods to protect against threatsCertifications in offensive security: OSCP or OSWA or OSWE or CRTO or BSCP or similarExtensive Knowledge in Java or C or any relevant programming languageSpecial Attributes: Experience in Endpoint security platformsHistory in cyber security competitions or CTFsBlogpost on security research, walkthroughs or PoCs on security domainMalware development or reverse engineering experienceExperience testing Endpoint Detection & Response (EDR), Extended Detection & Response (XDR) platforms, Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR) or related products
#J-18808-Ljbffr