About the job
United States, Georgia, Atlanta
Information Technology
01-Apr-2022
Ref #: 13461
LinkedIn Tag:
How you’ll help us Keep Climbing (overview & key responsibilities)
Do you enjoy identifying advanced technical problems? Do you enjoy building and maintaining successful relationships through direct engagements with peers, managers, and other technical teams? Partnering with various business stakeholders to build a collaborative working environment while promoting high standards and exercising ethical and business-oriented judgment and professionalism? If you do, then its sounds like you are just the person we are looking for to join our Information Security Team at Delta Air Lines.
The successful candidate can apply technical application and network security testing expertise to assist in identifying application, network, protocol, logic, and hardware vulnerabilities. As a member of Delta’s Red Team your responsibilities will include assisting in application security audits, code reviews, penetration testing, vulnerability management, and making technical issues demonstrable and accessible for others to appreciate and remediate.
Key Responsibilities:
- Identify weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive, and confidential company information and data
- Perform various penetration testing assessments as an individual contributor or as part of a team delivering the end-to-end assessment
- Should have experience performing black/white/gray box penetration testing activities manually and leveraging automated tools
- Conduct security assessments against web applications and APIs across a variety of technology stacks, with an emphasis on cloud-based testing methodologies
- Ensure security requirements are implemented within various stages of the system development lifecycle process; work closely with development teams to pen test new features within internally developed applications as part of our SDLC
- Validate and advise on vulnerability / threat findings
- Create comprehensive reports characterizing threats and provides recommendations for remediation, managing remediation efforts to completion
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Ensure adequate security requirements and privacy by design are built into all architecture/infrastructure/projects
- Lend expertise to the Security Incident Response Team as needed
- Impart application security and ethical hacking subject matter expertise into team processes
- Drive improvements in the security testing practice to include execution methodology and metrics where possible
- Partner effectively with development and infrastructure teams to integrate security
- Apply software development skills (e.g., Java, C#.NET, JavaScript) to recommend secure coding practices when consulted
- Drive awareness and knowledge of security in developers
- Effectively communicate technical issues to non-technical leaders
- Continually improve proficiency in application and API exploitation, tools, techniques, and countermeasures
What You Need To Succeed (minimum Qualifications)
- 2+ years of experience in performing two or more of the following: network, cloud, application, mobile application, and wireless penetration testing
- Experience with vulnerability risk and impact assessment report writing
- General understanding of cloud architecture and security including containers, software-defined networks, high availability design, public cloud, service mesh, and serverless compute
- Recognize and safely utilize attacker tools, tactics, and procedures
- Extensive experience in real world exploitation practices. PoC || GTFO, actionable findings only
- Experience auditing and advising on security capabilities in cloud and application lifecycle management platforms
- Extensive knowledge of the OWASP Top 10
- Extensive knowledge with freely available open source resources to detect, adapt, and meet emerging threats or reproducing and demonstrating vulnerabilities
- Excellent written and verbal communication skills
- Strong sense of urgency and accountability
- Where permitted by applicable law, must have received or be willing to receive the COVID-19 vaccine by date of hire to be considered for U.S.-based job, if not currently employed by Delta Air Lines, Inc.
What Will Give You a Competitive Edge (preferred Qualifications)
- B.S. degree in Computer Science, Computer Engineering, Information Assurance, or related field preferred
- 2 years of demonstrable experience in application security, penetration testing, security assessment, secure software development or related field
- Extensive experience in software development or secure coding practices
- Professional certifications such as PWK|OSCP, GCPN, or GPEN
More Information
- Address Atlanta, GA, USA
- Salary Offer $50.000 ~ $100.000
- Experience Level Junior
- Total Years Experience 0-5