Principle Pen Tester - Red Team - HBO MaxLocation New York, New York | United States
Business: HBO Max
Position Type: Full TimeJob ID 173978BR Apply Now
The principle will lead hunts for vulnerabilities that could lead to a data breach or IT disruption and collaborates with his/her peers in the Cyber Security Office, the company's business leaders the company's IT staff to improve the company's information security posture and reduce the likelihood of a disruptive cybersecurity event.
- Oversee the development cybersecurity attack plans to test the security of key applications, detection and response capabilities within the company.
- Critical understanding of the cyber attacker kills chain elements, with particular emphasis on attack objectives.
- Promote collaboration with our developers and vulnerability researchers to prioritize the attack tool planning and custom development.
- Understand and apply attack and penetration concepts including the attack surface; identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected.
- Coordinate with other Red Team members to achieve the specified objectives.
- Develop the mission reports that the define success or failure of each attack.
- Work with business leaders and other ISO staff to prioritize vulnerability findings for remediation.
- Other duties as required.
- 5-7 years of attack and penetration testing experience
- 7-10 years of technology experience
- 3-5 years of management or leadership experience
- Expertise in all aspects of security disciplines: Information security, software development, vulnerability assessments, threat analysis, incident response, threat modeling, security intelligence and forensic investigations.
- Experience with Windows operating systems and security (boot process, subsystems, kernel- and user-level processes, networking, Active Directory, NTFS/NTFS security), Ubuntu, Kali Linux in addition to:
- Proficient with common attack tools (Immunity CANVAS, Burp, SET, Metasploit, Nmap, Nessus) and defensive tools (Snort Intrusion Detection System(IDS)/Intrusion Prevention System(IPS), tcpdump, Wireshark, Security Onion IDS Linux Distribution)
- Strong written and verbal communication skills
Warner Media, LLC and its subsidiaries are equal opportunity employers. Qualified candidates will receive consideration for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.
We are storytellers.
Join our Talent Network – the first place our recruiters look for candidates when jobs open.
Get notified when we post jobs you're interested in. SIGN UP FOR JOB ALERTS