Are you passionate about breaking into web applications and networks and exposing vulnerabilities and help fix them? Are you looking to thrive in a fast-paced environment? We are looking to hire a Cybersecurity Attack and Penetration Tester for our security team. In this role, you will evaluate the security posture of Tripadvisor’s applications and network assets.
Responsibilities include but are not limited to:
- Performing and/or coordinating manual Attack and Penetration (A&P) testing, utilizing and leveraging the latest technologies in this role
Strong IaaS security skills, with a focus on cloud technologies like AWS, Azure, GCP
- Performing red team assessments
- Responding to new security threats and help implement new requirements as needed
- Work in a team environment while maintaining the confidentiality of investigation information
- Deep knowledge of working with OWASP concepts for various solutions
- Experience with security vulnerability and penetration tools with one or more of the following tools: Nessus, Burp Suite, Qualys, Tenable, PowerShell, Electra, Cydia Impactor, Wireshark, ADB, and Drozer.
- Bug bounty participation is a plus
The duties and responsibilities listed in this job description represent the major responsibilities of the position. Other duties and responsibilities may be assigned, as required.
- Bachelor’s degree, preferably in a technical field i.e. Information Systems or Computer Science.
- Security certifications are desired but not required (CISSP, GIAC, CEH, MSCE, CSSLP).
- Ethical Hacker Certification or Similar skills
- At least 3 years of demonstrated manual security testing
- Experience implementing and operating security technologies and processes in a hybrid cloud environment, such as AWS or Azure, and customer premise