Listing Description
Qualifications:
Associates or Bachelor's degree with a preference in a science, technology, engineering, or math related field or equivalent work experience (6 years of experience equates to an Associate’s degree when defining “equivalent work experience”)
5+ years of experience in cyber-security
3+ years of work experience directly related to Red Team assessments and penetration testing (intranet, internet, web, wireless, social engineering)
Excellent written and verbal communication skills
Demonstrable teamwork skills and resourcefulness
Additional preferred technical experience:
Experience using various penetration testing tools (such as, BurpSuite, Metasploit, Nessus, etc.) on Windows and Linux
Experience with multiple programming languages (such as, Java, C++, C#), especially scripting languages (such as, Python, Ruby, Perl, etc.)
Security engineering experience that includes knowledge and understanding of recent research and advances in adversary tactics, techniques and procedures as well as corresponding defenses
Experience with reverse engineering
One of the following certifications preferred: OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN.
Ability to present complex technical material in an understandable way to all levels of management
Understanding of mobile device security
Knowledge and understanding of information security risk assessment procedures, risk mitigation or remediation
Sharp analytical abilities
Experience providing training and mentorship
Knowledge and understanding of financial services industry
Keys to success in this position:
Keen sense of ownership, urgency, and drive
Passion for learning
Excellent written and oral communication skills
Works well in a team environment
Learn more about our company!:
As a member of Principal’s global IT community, you are part of a high-performing culture that promotes employee empowerment, innovation, collaboration, and career development while fostering flexibility between professional and personal responsibilities. The work you do while partnering closely with the business puts our customers’ needs first by shaping the financial security of millions of lives across the globe!
Principal was #29 on Computerworld’s list of 100 Best Places to Work in IT 2018 making it 17 years in a row on the list! Click the link to read all about it.
And, if you have 2 minutes, you'll want to watch this video about our company:
Job Level:
Willing to consider applicants at multiple job levels.
Principal Code of Ethics:
You may be required to comply with a Code of Ethics which covers personal trading activities for you and members of your household.
Additional Information:
What’s next? Innovation at its finest.
We’ll review your application and if you’re selected for an interview, you’ll receive an invite for a pre-recorded interview experience. Haven’t done that before, don’t worry. We’ve got all the tips and tricks available to help you be successful. With a pre-recorded interview, you can add your own flair and personality – at your pace.
Be sure to check your email frequently. We’ll communicate our decisions through the email address used on your online profile. If you receive an email from our Principal Talent Acquisition Team, you’ve been selected to begin your pre-recorded interview experience and have a set time to submit.
Benefits designed with you in mind.
Because each employee is unique, our benefit packages give you lots of choices. We offer comprehensive benefits that helps contribute to the healthy, fulfilling life and gratifying work experience you deserve, at an affordable cost. Click here to see just a few benefits you’ll receive once you join our team.
Not an exact match for this role?
We’ve got a lot of opportunities, so check out some of the others. And creating an email alert on our career site will help you keep you connected and informed of opportunities you’re interested in with a just a few clicks!
Work Authorization/Sponsorship
At this time, we're not able to consider candidates who would need sponsorship now or in the future or those needing work authorization for this role. (This includes students on F1-OPT, F1-CPT, J-1, etc.) However, we’d hope you continue to keep us in mind for other potential opportunities in the future.
Principal is an Affirmative Action and Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to of age, race, color, religion, sex, gender identity, gender expression, pregnancy, national origin, citizenship status, disability, genetic characteristics, sexual orientation, marital status, domestic partner status, military status, protected veteran status, disability status or any other characteristic protected by law.Essential Duties Include:
Automated Breach and Attack Simulation which creates, develops and manages projects and products to continuously test organizational controls with new and emerging security threats and threat actor. This includes writing, validating and augmenting tools to support our evolving security requirements, use cases, and organizational threat goals.
Red Team Intelligence which plans, develops and manages unique red team projects to support strategic information security goals. Gains deep insight into infrastructure, applications, business, operational and personnel processes to accurately inform on security risks and vulnerabilities. Emulates and applies real world threat intelligence and attacker techniques to effectively test organizational security. Stays informed, and tenaciously pursues applicable attack paths.
Perform in-depth analysis of red team engagements results and provides a detailed report that describes findings, exploitation procedures, risks and recommendations that are shared through regular briefings with senior management.
Responsible for setting up scheduled and ad-hoc red team scenarios to highlight gaps impacting the organization’s security posture.
Participate in purple teaming, collaboration with blue team is essential.
Presenting findings within a context of overall risk to the enterprise.
Adjusting red team activities and agenda based on senior management input.
Balancing business stakeholders and a central technology service organization.
Collaborating with multiple stakeholders across functional and technical skillsets.
Assessing and managing the legal and regulatory requirements pertaining to Cyber Readiness related assessments and evaluations.
Collaborating with IT to align security processes, evaluations, and tools.
Listing Details
- Citizenship: Us Citizen
- Incentives: Not Provided
- Education: Associates Degree
- Travel: Travel 25
- Telework: Optional Telecommute