Cybersecurity Pen Tester

Cybersecurity Pen Tester

Description -

Brief description of the role:

• The role is for an expert penetration tester, who will be involved in all sorts of pen testing sources, right from Web, API, thick clients, and printer mobile apps/drivers testing and red teaming, join us to embark on a diverse and exciting career path in a dynamic, high-tech environment. Our teams are creative and friendly, providing a wide range of CyberSecurity services at HP.

What a Penetration Tester does at HP:

• The role is part of a talented team of security engineers and architects within HP Cybersecurity’s Architecture & Security Engineering team. Our security engineers are responsible for ensuring the security of HP products, solutions, and infrastructure. Our security engineers primarily perform manual testing with the assistance of automated tools to identify a complex set of vulnerabilities across a wide range of products and technologies.

Responsibilities:

• Identifies HP system vulnerabilities, attacks, and threats, analyzes security incidents, and threats, and designs appropriate countermeasures.
• Active participation in red teaming is mandatory.
• Performing manual testing, software composition analysis and code scanning is a must.
• Veracode code scanning tool knowledge is necessary.
• Uses knowledge of the HP environment to scope the extent and impact of any vulnerability, attack, or breach.
• Resolves HP security issues related to security vulnerabilities, incidents, and threats through independent analysis and/or research.
• Consults development and product teams on vulnerability remediation.
• Develops, enhances, and maintains HP’s security solutions based on HP security system analysis, research, and incident resolution.
• Operates as a key team member and advises on methods to improve security solutions.

Individuals who do well in this role at HP, usually possess:

• Ability to manually review code, along with the use of automated testing tools, such as Burp Suite, is essential to locate flaws in pen testing
• Search for weaknesses in common software, web applications and proprietary systems
• Research, evaluate, document, and discuss findings with Cybersecurity, application, product, and management teams
• Review and provide feedback for information security fixes
• Establish improvements for existing security services, including hardware, software, policies, and procedures
• Stay updated on the latest malware and security threats
• Advanced understanding of Cybersecurity and IT security risks, threats, and prevention measures
• Advanced understanding of relevant programming and scripting languages (Perl, Python, PowerShell, HTML, JavaScript, etc.)
• Advanced security system analysis skills
• Advanced understanding of security standards and best practices
• Advanced understanding of networking and network security
• Advanced understanding of network monitoring and protocols
• Advanced understanding of:
  • Off-the-shelf vulnerability assessment products and tools.
  • Network security devices (firewalls, proxies, NIDS/NIPS, etc.).
  • Platform and application-layer penetration testing techniques.
  • Adversary techniques, tactics, and protocols and related countermeasures.
  • Dynamic and static malware analysis techniques.
  • Memory analysis techniques.
  • Malware reverse engineering techniques.
  • Experience with mobile devices and other hardware testing.

Education and Experience Required:

• Bachelor’s degree required, preferably in CyberSecurity, computer engineering, or related area of study, or equivalent experience with CGPA: 85%
• Six to eight years of total experience in a similar role is mandatory.
• Familiar with BurpSuite
• Understands basic web application vulnerabilities and how to identify and exploit
• Understand the general flow of a penetration test flow

Industry certifications:

• CEH
• CompTIA Pentest+
• CISSP – Good to have
• Offensive Security Certified Professional – Good to have

Job -

Data & Information Technology

Schedule -

Full time

Shift -

No shift premium (India)

Travel -

Relocation -

Equal Opportunity Employer (EEO) - 

HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).

Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.

If you’d like more information about HP’s EEO Policy or your EEO rights as an applicant under the law, please click here: Equal Employment Opportunity is the Law Equal Employment Opportunity is the Law – Supplement