Penetration Tester - Network Securities
- W Traverse Pkwy, Lehi, UT 84043, USA
We are looking for an experienced, and motivated penetration tester who is passionate about what they do in all Secure efforts. This is an opportunity to work in a diverse, yet collaborative environment helping to pioneer new areas and fields (DNA, and more). With this opportunity, you will play a key role in helping to shape and test new compliance standards around emerging technologies and fields.
What you will do:
- You will be responsible for researching new threats, attack vectors and risks.
- You will be building exploit POC’s.
- You will create after-action reports documenting results including findings, risk mitigation recommendations, and lessons learned.
- You will prepare and participate in live security exercises to assess the effectiveness of preventative controls and the ability of the SOC to detect, respond and recover from a security incident.
- You will document security exercises including the formal plan, execution summary and the after-action report.
- You will coordinate with stakeholders (system owners, IT program managers, Network Operations Center personnel, etc) when designing and executing tests and exercises
- Bachelor's degree in related field required.
- You will have 2 years of professional work experience in IT Security environment, doing penetration testing (preferably in an Enterprise, multiple OS environment)
- Demonstrable experience creating exploits for vulnerabilities OR one of the following industry certifications relating to penetration testing: GXPN, OSCE, OSCP, or OSEE
- Proficiency in at least one of the following frameworks: Metasploit, Empire, PowerSploit Maltego, Immunity Canvas
- Ability to work independently and also collaborate closely with incident responders, SOC analysts, engineers, and others
- Knowledge of the latest security threats, techniques, and exploits targeting vulnerabilities
- Strong familiarity with multiple operating systems, databases, applications and platforms
- Understanding of SQL, XSS, CSRF, XXE, and other trends in web exploitation
- You are a quick-learn
Helping people discover their story is at the heart of ours. Ancestry is the largest provider of family history and personal DNA testing, harnessing a powerful combination of information, science and technology to help people discover their family history and stories that were never possible before. Ancestry’s suite of products includes: AncestryDNA, AncestryProGenealogists, Fold3, Newspapers.com, Find a Grave, Archives.com, and Rootsweb.
We offer excellent benefits and a competitive compensation package. For additional information, regarding our benefits and career information, please visit our website at http://ancestry.com/careers. (REF1109H)
Ancestry is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Ancestry via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Ancestry. No fee will be paid in the event the candidate is hired by Ancestry.com as a result of the referral or through other means.