Senior Penetration Tester - Network Securities
- 1300 W Traverse Pkwy, Lehi, UT 84043, USA
Ancestry is seeking a Penetration Tester to join our Information Security team, working onsite our Lehi location, working directly on our Secure Network Systems. This is an opportunity to come join us during a massive growth-phase, while we also take our applications into AWS.
We are looking for an experienced, and motivated penetration tester who is passionate about what they do in all Secure efforts. This is an opportunity to work in a diverse, yet collaborative environment helping to pioneer new areas and fields (DNA, and more). With this opportunity, you will play a key role in helping to shape and test new compliance standards around emerging technologies and fields.
What you will do:
- You will be responsible for researching new threats, attack vectors and risks.
- You will be building exploit POC’s.
- You will create after-action reports documenting results including findings, risk mitigation recommendations, and lessons learned.
- You will prepare and participate in live security exercises to assess the effectiveness of preventative controls and the ability of the SOC to detect, respond and recover from a security incident.
- You will document security exercises including the formal plan, execution summary and the after-action report.
- You will coordinate with stakeholders (system owners, IT program managers, Network Operations Center personnel, etc) when designing and executing tests and exercises
- Bachelor's degree in related field required.
- You have proven experience (minimum of 3 years) in IT security
- You will have 4 years of work experience (post graduation) specializing in penetration testing (preferably in an Enterprise, multiple OS environment)
- Demonstrable experience creating exploits for vulnerabilities OR one of the following industry certifications relating to penetration testing: GXPN, OSCE, OSCP, or OSEE
- Proficiency in at least one of the following frameworks: Metasploit, Empire, PowerSploit Maltego, Immunity Canvas
- Ability to work independently and also collaborate closely with incident responders, SOC analysts, engineers, and others
- Knowledge of the latest security threats, techniques, and exploits targeting vulnerabilities
- Strong familiarity with multiple operating systems, databases, applications and platforms
- Understanding of SQL, XSS, CSRF, XXE, and other trends in web exploitation
- You are a quick-learn
We’re a cutting-edge tech company with a very human mission—to help every person discover, preserve, and share the story of what led to them. Combining the rich information in family trees and historical records with the genetic details revealed in DNA, we create unique experiences that give people a new understanding of their lives, because connecting all the pieces of our family story can give us the deepest sense of who we are.
For more information on what we do and why you would want to work at Ancestry, visit our careers page:www.workforancestry.com
Ancestry is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Ancestry via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Ancestry. No fee will be paid in the event the candidate is hired by Ancestry as a result of the referral or through other means .
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.