Senior Engineer - Security Testing Services - Penetration Testing
- Employer
- Target
- Location
- Brooklyn Park, Minnesota
- Start date
- Jun 1, 2019
- Closing date
- Jun 26, 2019
View more
- Category
- Retail / Wholesale
- Employment Status
- Full Time
You need to sign in or create an account to save a job.
Description:
The core role of Security Testing Services is to provide
Penetration Testing and Application Security Testing services to Target's
product teams. The Penetration Testing Team is responsible for the automated
and manual analysis of systems and applications in an effort to identify
security flaws. The team proactively finds security vulnerabilities and
strengthens security offerings using coordinated simulated attacks against
Target-owned systems and resources using pre-defined and approved methodology.
As a senior engineer, you will independently conduct pentests, and suggest
improvements to the testing process. You will detect and exploit
vulnerabilities manually, and develop tools and techniques to assist the team
with improving skills and capabilities. You will also have the opportunity to
present and contribute to Target's overall security learning and posture.
Qualifications:
The core role of Security Testing Services is to provide
Penetration Testing and Application Security Testing services to Target's
product teams. The Penetration Testing Team is responsible for the automated
and manual analysis of systems and applications in an effort to identify
security flaws. The team proactively finds security vulnerabilities and
strengthens security offerings using coordinated simulated attacks against
Target-owned systems and resources using pre-defined and approved methodology.
As a senior engineer, you will independently conduct pentests, and suggest
improvements to the testing process. You will detect and exploit
vulnerabilities manually, and develop tools and techniques to assist the team
with improving skills and capabilities. You will also have the opportunity to
present and contribute to Target's overall security learning and posture.
- Preferred Experience:
2 - 5 years experience in a combination of
the following:- Information Technology (i.e. Helpdesk /
Systems/Platform Engineering, software development) - Information Security - Offensive or Defensive
- Pentesting
- 2-4 years of college/vocational education in
the field or equivalent experience - Formal training in the course of employment
history.
Generalist Certifications: - OSCP/OSCE
- SANS certifications (GSEC/GCIH/GICSP/etc)
Basic scripting / development experience
Desired Skills:
Understand intermediate computing concepts
such as: - Application Architecture (two tier / three
tier / microservices) - Network Segmentation
- Protocol recognition (i.e. SSL/TLS, SSH)
Basic to intermediate usage of security tools
such as: - Kali Linux
- Nmap / Nessus
- Burp / ZAP
- Wireshark / TCPDump
Technical Communication Skills (written and
verbal): - Understanding of vulnerability
classes/domains. - How risk ratings should be applied.
- Knowledgeable of OWASP Top 10 and Mitre
Attack Framework
Understand how testing tools and technologies
work.
Proficient with at least one operating
system.
- Information Technology (i.e. Helpdesk /
Qualifications:
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert