Job Title: Sr. Penetration Tester (Android)
Location: Mountain View, CA (Onsite)
Duration: Full time
Position Summary:
We are looking for a Sr. Penetration Tester (Android) who will be responsible for working as part of the Development Quality Innovation (DQI) lab in a dual role. First, to research new automation tools as well as take current tools and refine them to our needs. Second, act as a centralized QI group to provide quality assessment and penetration testing operations.
This duality provides a unique opportunity to explore new concepts in different technologies and perform original research in the quality and security domain.
Role and Responsibilities:
· Develop expertise in our product solutions, deep diving into design/architecture, & execute white box and black box penetration scenarios.
· Plan, scope and conduct vulnerability assessment/ Penetration test on internal / external facing public assets such as Web application, Android platform, Android Apps, Backend APIs, and Cloud services.
· Research & and conduct adversary simulation for known security threats and identify novel attack vectors to test a system’s relative security readiness.
· Conduct Threat modelling, Threat Intelligence and scoping with stakeholders.
· Assist in creating and maintaining internal penetration testing and practice within QA team, managing vulnerabilities and tracking until closure.
· Build Test harness & required Automation suites and validate attack vectors in Threat Lab.
· Co-ordinate with program management, security architects at Internal & offshore sites.
· Stays up to date on current tools, technologies, and vulnerabilities to incorporate into testing practices.
· Research and developing exploits for zero-day vulnerabilities.
· Conduct penetration test on IOT and Firmware Devices.
Skills: Necessary Skills and Attributes:
· Self-motivated individual with the ability to thrive in a team-based or independent environment.
· Detail-oriented with strong organization skills.
· Ability to work in a fast-paced environment.
· Limited supervision and the exercise of discretion.
· Blog post on security research, CVEs, walkthroughs or PoCs on security domain is a plus.
Skills Required : ANDROID
Education: Required Experience and Education:
· 5+ years’ experience in Penetration testing, including 2+ year experience in Android and 1+ year experience in Web Application.
· Degree in Cyber Security or Security relevant disciplines is a plus.
· Certifications in offensive security: OSCP or OSWA or OSWE or CRTO or BSCP or similar is a plus.
· Comprehensive knowledge in Information Security practices on malware, phishing attacks, attack vectors and methods to protect against threats.
· Extensive Knowledge in Java, python or any relevant programming language.
· Malware development or reverse engineering experience is a plus.
Regards,
Vignesh
vignesh.k@themesoft.com
