TransUnion, LLC logo
Cloud Security Penetration Tester - TransUnion, LLC Chicago, IL, United States Bookmark Share Print 470 0 10

Listing Description

TransUnion is seeking a Senior Penetration Tester to join our Internal Red Team in the Chicago, IL office. The successful candidate will provide technical leadership to a growing team of security testers. The hands-on role will conduct penetration testing and verify the security of applications including, but not limited to: web applications, cloud deployments, mobile applications and web services. Testing will also include Internal/External network, social, phishing, and wireless assessments as well as dodging the ever-vigilant Blue Team.

Over time this position will require ever more creative and technically advanced solutions. The more issues found and patched the more challenging the next assessment will be.

Even though a wide variety of security tests will be conducted against TU systems, the position will initially require an emphasis on Cloud based (AWS, Azure, etc) testing.

The Attack Surface Reduction Team is responsible for monitoring TU’s global footprint and leading efforts to minimize its attack surface via red teaming, application security testing, vulnerability management, and leading company-wide technology initiatives. The team works closely with peers responsible for Threat Management, Malware Analysis, Insider Threat, and Security Automation.

TU offers a broad array of products to the consumers it serves either directly or indirectly and provides critical education and capabilities that empower the consumer and equips them with accurate data that is used by financial institutions, insurers, and employers.

• 5+ years in Information Security or related field

• 2+ years of practical experience in Penetration Testing

• 1+ years of experience dealing with Cloud Environments (and a willingness to learn more)

• Deep technical knowledge in several of these areas: tools, testing methodologies, security concepts, network architecture, programming languages, and computer architecture.

• Able to effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel

• Ability to take direction from management and work as part of a collaborative team

• High motivation, integrity, and commitment to self-development

• Intellectual curiosity, humility, accountability and positive approach

Nice to Haves:

• 4 year college degree in Computer Science or related field

• Proven community contributions through conference presentations, publications, tool development, research, etc.

• One or more of the following certifications (or similar): GPEN, GWAPT, OSCP, CISSP, eCPPT, etc.Think outside the box, question assumptions, push the limits.

Perform a wide variety of Red Team testing against TU infrastructure, applications, and users.

Conduct advanced testing above & beyond automated scanning tools.

Demonstrate importance of identified vulnerabilities and security weaknesses by creating POCs/Demos of pwnage.

Work with Application development teams to understand identified weaknesses, and recommend short and long term solutions if required.

Develop scripts, tools, or methodologies to enhance Red Teaming processes.

Attend conferences and conduct research to stay up-to-date on modern attack


Listing Details

  • Citizenship: No Requirements
  • Incentives: Not Provided

 

  • Education: No Requirements
  • Travel: No Travel
  • Telework: No Telecommute



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765