Senior Penetration Test Analyst

Job Listing No: 9740000

Senior Penetration Test Analyst

Position PurposeThe primary role of the Technology Governance, Risk & Control (TGRC) Senior Penetration Tester is in the preparation, execution, and reporting of advanced tests that assess the resiliency, integrity and security of Cargill and 3rd party solutions. ?This role will proactively identify security vulnerabilities in solutions including but not limited to: web and client/server applications, ASPs, OSPs, wired and wireless networks, IT infrastructure and data storage and will recommend mitigating actions to reduce identified risks to an acceptable level. ?A solid foundation of IT Security knowledge surrounding cryptography, protocols, authentication and authorization variants, strengths and weaknesses of commonly used technologies, common mistakes or assumptions in implementation and/or development are required. This is necessary because many times tests will require the Senior Penetration Tester to be given a new technology, become an expert in the technology, more so than the implementers and/or developers in a very short period of time, methodically test and adjust mid-test – points of emphasis based on current results and report out with remediation advice included. ?The Senior Penetration Tester must become an expert in all aspects of the solution undergoing testing. ?This entails contacting the right resources and asking the right questions to establish an accurate understanding of the threats to the business, threats to the technology, and threats to the enterprise; as well as deconstructing massive amounts of documentation and information into its pertinent parts for further investigation during the testing. ?This also means the Senior Penetration Tester is managing the relationship and interactions between TGRC and the customer; who could be an OSP, ASP, vendor, or internal Cargill partner.Testing will require; specialized knowledge in various development languages, and a broad understanding of enterprise solutions and their respective component architectures. ?Assessments will require the use of automated and manual testing using a wide range of tools to cover highly iterative and human contextual situations. ?This role will require the Senior Penetration Tester to come up to speed with new technologies and testing tools quickly. ?This will involve a combination of purchased security assessment software, as well as a large number of open source tools and scripts that the Senior Penetration Tester must be aware of, where in reference to the latter, be able to learn how to use sometimes mid-test and fix in the event that it is not working properly.This role will also be responsible for the creation and management of any standardized assessment processes, procedures, templates and product selection for tools and resources where applicable. ?This includes the management of 3rd party security consulting companies for penetration testing engagements that can?t be executed as a result of resource or timing constraints. ?Specifically, the creation and management of end-to-end; from engagement to report-out, workflows and artifact creation and retention during penetration testing engagements must be standardized. ?Penetration testing machines, associated passwords for software selected, and an inventory of commonly used tools must be maintained in accordance with Technology Asset Management (TAM) requirements. ??The Senior Penetration Tester will serve as a subject matter expert to the enterprise to provide real-world evidence of risks and guide prioritization. ?This role will work closely with other TGRC verticals where appropriate; as well as support Corporate Audit, Enterprise Architecture, and Tartan.Principal Accountabilities?60% -ExecutionCreate advanced test procedures to assess the confidentiality, integrity, and availability of enterprise systemsManage penetration test execution and thoroughly document test inputs, outputs, and results.Interpret test result data and present findings to IT and Business constituents in both technical and business relevant terms.15% – Strategy and R&DProvide input into the strategic direction of penetration testing, defining and implementing risk management plans and managing revisions as necessaryServe as a consult and a subject matter expert of penetration testing of tools and resources within TGRC and business-facingEngage with 3rd party penetration testing resources as necessaryManage relationships with internal and external IT business resourcesSecurity research and associated development5% – PCI Compliance initiativesProvide consultation to primary PCI Compliance owner for remediation and/or mitigation activities where necessary.20% – ConsultationProvide application and infrastructure security consultation for other TGRC verticals and IT teams where necessary.Provide mentorship and consultation to other penetration testers where necessaryProvide support to incident management as necessaryEqual Opportunity Employer, including Disability/Vet.This position is posted internally as well as externallySkills:
RequiredBachelor?s degree or 8+ years IT experience?4 + years of IT experience.4 + years of IT security experience.2 + years of demonstrated penetration testing experience.Experience using penetration testing tools including Core Impact, BackTrack, Aircrack, IKE-scan and Metasploit.Demonstrated working knowledge of encryption protocols, algorithms, technologies and implementations.Able to identify, exploit, and recommend remediation activities for technology security issues?Understanding of secure application development and system configuration processes, methodologies and tools.Strong written and verbal communication with presentation skillsExperience in vulnerability management, including testing, scanning, and patching.Excellent time management skills, and the ability to prioritize and multi-task.Ability to work efficiently and independently with minimal supervision (i.e. self-motivated and willing to stretch to meet important deadlines).Knowledge of IT security architecture and design (firewalls, Intrusion Detection Systems, Virtual Private Networking, virus protection technologies, vulnerability management, Data Loss Protection, Digital Rights Management, etc.)Knowledge of LAN/WAN design and general internetworking technologies.Knowledge of Windows and Unix operating systems.Proven record of high performance in problem solving, collaborating, planning/priority setting, timely decision making, perseverance, and a drive for results.?Very strong, proven customer focus skills in translating risk management policies into business requirements.?Very strong interpersonal skills in terms of effective listening, patience, composure, and conflict management.?Ability to mentor and develop

Apply for this job.

Similar Jobs For "Senior Penetration Test Analyst"

 Jobs by Indeed job search

Sr Advisor, Business Development- Marion & Hardin

Company: Ohio Health
Location: Marion, OH 43302
The Sr Advisor develops and directs projects in conjunction with physicians, hospitals, ambulatory sites, other OhioHealth entities and outside management… To apply for this job vacancy in Ohio Health you must be qualified and you should prepare the required documents, click on the job link for more details.
Posted 11 hours ago

Senior Security Engineer

Company: BigFish Recruiting
Location: Johnson City, TN
Experience in vulnerability scanning, SEIM, penetration testing, network admission control, advanced malware protection and/or mobile device management. To apply for this job vacancy in BigFish Recruiting you must be qualified and you should prepare the required documents, click on the job link for more details.
Posted 10 hours ago

Sr. Cyber Security Architect

Company: Sealed Air Corporation
Location: Charlotte, NC 28273
Intermediate knowledge of cryptography and cryptographic key management concepts, penetration testing principles, tools, and techniques (e.g., metasploit,… To apply for this job vacancy in Sealed Air Corporation you must be qualified and you should prepare the required documents, click on the job link for more details.
Posted 23 hours ago

President, Real Estate

Company: Gordon Brothers
Location: Boston, MA 02298
Experience as a senior executive in a complex, deal driven environment is a must. As a complex and growing global enterprise, we have a new opportunity for a… To apply for this job vacancy in Gordon Brothers you must be qualified and you should prepare the required documents, click on the job link for more details.
Posted 20 hours ago

2020 Summer Games Internship

Company: Booz Allen Hamilton
Location: McLean, VA 22102
The summer culminates with a final Challenge Cup competition and presentation to senior leadership. Throughout the Games, interns receive mentorship from senior… To apply for this job vacancy in Booz Allen Hamilton you must be qualified and you should prepare the required documents, click on the job link for more details.
Posted 21 hours ago

Note: This job listing with titled "Senior Penetration Test Analyst" was indexed from different job portals. This job might be expired or closed for accepting CV's so we suggest to browse it from the new jobs menu of this site. Our website is an open community website for assisting job seeker so if you found some broken links or error in our site don't hesitate to contact us to fix the issue. Thank you for using our free services.