Senior Network Security Engineer - Penetration Tester
- 1300 W Traverse Pkwy, Lehi, UT 84043, USA
It's an amazing time to be Ancestry. We are a big enough company to have the ability to execute large-scale deliverables and just small enough that you can play an important role in that delivery. With millions and billions of users on our platform, we have an opportunity to create and secure beyond what most minds can imagine. We are expanding our next-generation security program for the cloud, and you can be a critical part of this creative, fast-paced, and exciting team. We are seeking a Senior Security Engineer to join our team with a primary focus on leading our penetration testing program.
We are looking for an experienced, and motivated penetration tester who is passionate about what they do in all Secure efforts. This is an opportunity to work in a diverse, yet collaborative environment helping to pioneer new areas and fields (DNA, and more). With this opportunity, you will play a key role in helping to shape and test new compliance standards around emerging technologies and fields.
What you will do:
- You will be responsible for researching new threats, attack vectors and risks.
- You will be building exploit POC’s.
- You will create after-action reports documenting results including findings, risk mitigation recommendations, and lessons learned.
- You will prepare and participate in live security exercises to assess the effectiveness of preventative controls and the ability of the SOC to detect, respond and recover from a security incident.
- You will document security exercises including the formal plan, execution summary and the after-action report.
- You will coordinate with stakeholders (system owners, IT program managers, Network Operations Center personnel, etc) when designing and executing tests and exercises
- Bachelor's degree in related field required.
- You have proven experience (minimum of 3 years) in IT security
- You will have 4 years of work experience (post graduation) specializing in penetration testing (preferably in an Enterprise, multiple OS environment)
- Demonstrable experience creating exploits for vulnerabilities OR one of the following industry certifications relating to penetration testing: GXPN, OSCE, OSCP, or OSEE
- Proficiency in at least one of the following frameworks: Metasploit, Empire, PowerSploit Maltego, Immunity Canvas
- Ability to work independently and also collaborate closely with incident responders, SOC analysts, engineers, and others
- Knowledge of the latest security threats, techniques, and exploits targeting vulnerabilities
- Strong familiarity with multiple operating systems, databases, applications and platforms
- Understanding of SQL, XSS, CSRF, XXE, and other trends in web exploitation
- You are a quick-learn
We’re a cutting-edge tech company with a very human mission—to help every person discover, preserve, and share the story of what led to them. Combining the rich information in family trees and historical records with the genetic details revealed in DNA, we create unique experiences that give people a new understanding of their lives, because connecting all the pieces of our family story can give us the deepest sense of who we are.
For more information on what we do and why you would want to work at Ancestry, visit our careers page:www.workforancestry.com
Ancestry is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Ancestry via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Ancestry. No fee will be paid in the event the candidate is hired by Ancestry as a result of the referral or through other means .
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.