Senion Penetration Tester : Endpoint Client Security

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Job Description:

We are seeking a skilled Penetration Tester to assess and enhance the security of our cross-platform executable Qualys Cloud Agent.

This agent is responsible for system monitoring, data collection, and secure communication with a cloud platform.

Operating across Unix, Windows, and macOS environments, the agent plays a critical role in our security and compliance solutions.

The ideal candidate will uncover vulnerabilities, simulate attack scenarios, and work with our teams to fortify the system against threats.

Key Responsibilities:

Cross-Platform Agent Testing:

• Conduct comprehensive security testing of the executable agent, ensuring robust functionality across Unix/Linux, Windows, and macOS platforms.
• Identify and exploit vulnerabilities in the agent’s runtime behavior, system interactions, and interprocess communications.
• Test agent privilege management and evaluate risks of escalation or exploitation.

Data Collection and Handling:

• Analyze the agent’s data collection mechanisms to ensure data privacy and integrity.
• Validate proper implementation of sensitive data redaction and secure storage practices.

Communication Security:

• Test the agent’s secure communication mechanisms with the cloud server, focusing on:
  • Encryption (TLS/SSL, public key cryptography).
  • Authentication and session management.
  • Mitigation of threats like MITM, replay attacks, and DNS spoofing.

Reverse Engineering and Exploitation:

• Perform binary analysis to identify vulnerabilities in the agent's implementation.
• Reverse engineer agent components to assess the effectiveness of tamper-proofing mechanisms and embedded security features.
• Simulate advanced threat scenarios, including code injection and runtime manipulation.

System Security Evaluations:

• Assess the agent’s impact on host system security, ensuring it does not inadvertently introduce risks (e.g., open ports, exploitable configurations).
• Evaluate installation, update, and self-defense mechanisms for tamper resistance and exploitation risks.

Reporting and Remediation:

• Provide detailed vulnerability reports with proof of concept (PoC), risk impact assessments, and actionable remediation steps.
• Collaborate with development team to address vulnerabilities and validate fixes
• Contribute to improving secure development practices and robust agent design.

Required Qualifications:

Technical Expertise:

• In-depth knowledge of penetration testing methodologies for executable agents, system processes, and OS-specific security models (Windows, Unix/Linux, macOS).
• Proficiency in network security and cryptographic protocol testing.
• Strong background in reverse engineering tools and techniques

Tools & Scripting:

• Scripting skills in Python, Bash, PowerShell, for creating custom tests.
• Hands on experience with proxy solutions ex Burp or Fiddler

Experience:

• Proven track record of assessing software agents or similar system monitoring tools.
• Familiarity with common vulnerabilities, including CVEs related to agent-based applications.
• Experience working with security tools or platforms similar to Qualys Agent.

Certifications (Preferred):

• OSCP, OSWE, CEH, GPEN, or equivalent cybersecurity certifications.
• Relevant cloud certifications such as AWS Security Specialty, Azure Security Engineer Associate.

Preferred Qualifications:

• Hands-on experience with agent technologies similar to Qualys Cloud Agent.
• Familiarity with cloud architecture, APIs, and integration points.
• Knowledge of secure coding practices and defensive programming.
• Experience with CI/CD pipeline security.