Senior Penetration Tester - Application Security

When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing...

You’ll be joining a talented group of Ethical hackers evaluating Verizon’s application security posture by identifying and exploiting Browser, API and Mobile application vulnerabilities across Verizon through application pen testing.

• Acting as an App Sec SME collaborating with stakeholders across the enterprise recommending pragmatic risk appropriate recommendations to correct issues found.
• Assisting and mentoring junior and principal pen testers in the establishment of and executing the processes and standards for application layer security penetrating testing.
• Leading small team level projects to ensure Verizon’s security program is the best it can be, which requires regular re-evaluation. This may include creating custom scripts and tools to be used for testing.

Where you'll be working...

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your organization.

What we’re looking for...

You'll need to have:

• Bachelor's Degree in Computer Science or Cyber Security or four or more years of work experience.
• Four or more years of relevant work experience.
• Three or more years of application security experience.
• Three or more years of experience in using Kali Linux or Burp Suite.
• One of the following certifications: eLearnSecurity certifications such as WAPT or MAPT, OSCP, GPEN, GCIH, GWAPT, or GXPN or equivalent preferred.

Even better if you have one or more of the following:

• Experience in system and application security threats and vulnerabilities and secure configuration management techniques, software debugging principles, software design tools, methods, and techniques, software development models (e.g., Waterfall Model, Spiral Model).
• Strong knowledge of secure coding techniques.
• Strong knowledge of application security, application security vulnerabilities and exploitation techniques.
• Experience in software related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, and simplicity/minimization).
• Grasp of critical infrastructure systems with information technology that were designed without system security considerations.
• Knowledge of secure software deployment methodologies, tools, and practices.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of security architecture concepts and enterprise architecture reference models.
• Experience in conducting application penetration tests and recognizing vulnerabilities in security systems.
• Experience in developing and applying security system access controls.
• Experience in discerning the protection needs (i.e., security controls) of information systems and networks.
• Experience in integrating black box security testing tools into quality assurance process of software releases.
• Experience in secure test plan design (e. g. unit, integration, system, and acceptance).
• Application of cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Strong organization skills and demonstrated ability to manage multiple, often conflicting priorities to successful completion.
• Knowledge of the SDLC, continuous build systems and other software engineering methodologies/systems.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.