Penetration Tester / Hybrid 3 days / Plano, TX

A prominent global food and beverage company. Known for its diverse brand portfolio this client operates across more than 200 countries. The company focuses on producing, marketing, and distributing snacks, beverages, and nutrition products. The company prioritizes sustainability, innovation, and consumer-focused product development to stay competitive in the industry..
A leading global company is expanding its Offensive Security Team within its Cyber Fusion Center, responsible for assessing its cybersecurity posture through Red Team Engagements and Penetration Testing. The ideal candidate should have strong expertise in Application, Network, and Infrastructure vulnerability testing. Experience in XSS, SQL Injection, CSRF, and Authentication Weaknesses is essential. Proficiency in security tools and adherence to OWASP standards are preferred, along with programming/scripting automation skills using Python, Bash, or similar languages.

Required Skills & Experience

• Advanced knowledge of security tools (Burp Suite, Metasploit, Cobalt Strike, Empire, Nmap, bloodhound, etc.) and multiple operating systems (e.g. Windows, Linux).
• Proficient in at least one scripting language (Python, bash, PowerShell) or one programming language (Java, C#, C ).
• Experience in multiple security domains (e.g. Network security, Application Security, Infrastructure Security, Cloud Security, Security operations).
• Experience in aligning threat and vulnerability management efforts to frameworks and control objectives - MITRE ATT&CK, NIST CSF, ISO27001, CIS, OWASP.
• Familiarity with defensive and monitoring technologies such as Intrusion prevention/detection systems (IPS/IDS), Web application firewalls (WAF), security information and event management systems (SIEMs), and endpoint detection/response (EDR) tools, as well as user and entity behavior analytics (UEBA).
• Experience in developing offensive security tooling and automation is a plus

What You Will Be Doing
Tech Breakdown

• Application, Network, and Infrastructure Vulnerability Testing - 30%
• Experience with Exploits (XSS, SQL Injection, CSRF, Authentication Weaknesses, etc.) - 25%
• Proficiency in Security Tooling & OWASP Standards - 20%
• Programming/Scripting Automation (Python, Bash, etc.) - 15%
• Red Team Engagements & Penetration Testing - 10%

Daily Responsibilities

• Execute on projects, objectives, and deliverables in alignments with team vision, mission, and goals.
• Routinely develop and update offensive security documentation, processes, and technologies to adapt to emerging threat landscape.
• Develop automation to scale global offensive capabilities and operational resiliency.
• Collaborate with partner teams, service owners, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings.
• Create and deliver trainings; and participate in security reviews, audits, on-site engagements, and support incidents after-hours when required

The Offer

• Bonus OR Commission eligible

You will receive the following benefits:

• Medical, Dental, and Vision Insurance
• Vacation Time
• Stock Options

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.