Offensive Security Engineer
Company: PGIM
Location: Newark
Posted on: January 28, 2023
Job Description:
Job Classification: Technology - Information Security

Prudential's Global Technology (GT) team is the spark that ignites the power of
Prudential for our customers and employees worldwide. Our
organization plays a critical and highly visible role in delivering
customer-driven solutions across every area of the company. The
Global Technology team is made up of diverse, agile-thinking, and
highly skilled professionals; we use our combined capabilities to
enable the organization with innovation, speed, agility,
scalability, and efficiency.

The Global Technology team takes great
pride in our culture where digital transformation is built into our
DNA. When you join the Global Technology organization at
Prudential, you'll unlock a challenging and impactful career - all
while growing your skills and advancing your profession at one of
the world's leading financial services institutions.

Prudential is
looking for an Offensive Security Engineer to join our growing
Offensive Security program. Prudential's Offensive Security team
takes a proactive and adversarial approach to protecting
Prudential. The Offensive Security Engineer will use their strong
technical skills in application architecture and enterprise
infrastructure to assume a hacker mindset and find vulnerabilities
before an adversary can. The Offensive Security Engineer is
responsible for participating in Prudential's penetration testing,
responsible disclosure, and vulnerability validation operations
across the global enterprise. As an influential member of the team,
the Offensive Security Engineer will be a primary liaison with the
enterprise architecture, security, and technology teams.

What You'll Do
- Perform pen tests of Prudential's infrastructure and web and mobile applications.
- Communicate discovered issues (OWASP Top 10, XSS, CSRF, SSRF, SQLi, IDOR), how to exploit them, and how to remediate them.
- Collaborate with the Offensive Security team writing tools and setting up infrastructure for use during engagements.
- Present and share findings and testing techniques with various partners (application security, software development, DFIR, and dev ops teams).
- Regularly research and learn new TTPs in public and closed forums. Work with teammates to assess Prudential's risk and work with teams to implement and validate controls as necessary.
- Liaise with the security engineering teams to improve tool usage and workflow, as well as with the cyber security operations center to mature monitoring and response capabilities.
- Work with external security researchers through our VDP and bug bounty programs to reproduce, validate, assess risk, and provide/orchestrate remediation of reported security issues.
- Mentor other Offensive Security engineers on the team.

Basic Qualifications
- Bachelor's degree in Computer Science, or equivalent work experience
- Experience performing web and mobile application penetration testing
- Experience performing security reviews of existing infrastructure and demonstrating vulnerabilities
- Building, deploying, and leading Red Team operational infrastructure
- Knowledge of adversarial TTPs
- Competent with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire and AutoSploit.
- Understanding of OWASP, the MITRE ATT&CK framework and the software development lifecycle (SDLC).
- Strong written and verbal communication skills, specifically on security topics. The work the Offensive Security team does is highly technical and consumed by a number of different audiences. Being able to bridge the gap and communicate effectively to these audiences will be invaluable and ultimately lead to a decrease in cyber risk.

Preferred Qualifications
- Proficiency in one or more programming languages, with the ability to both read and understand code written by others.
- Proficient in scripting languages such as Python, PowerShell, Bash and Ruby.
- CVE/Bug Bounty/Responsible disclosures
- Exploit development
- GPEN, GWAPT, OSCP, OSCE, OSWE

Note: Prudential is required by state specific laws to include
the salary range for this role when hiring a resident in applicable
locations. The salary range for this role is from $126,000.00 to
$187,400.00. Specific pricing for the role may vary within the
above range based on many factors including geographic location,
candidate experience, and skills. Roles may also be eligible for
additional compensation and/or benefits. Eligibility to participate
in a discretionary annual incentive program is subject to the rules
governing the program, whereby an award, if any, depends on various
factors including, without limitation, individual and
organizational performance. In addition, employees are eligible for
standard benefits package including paid time off, medical, dental
and retirement.

Prudential Financial, Inc. of the United States is
not affiliated with Prudential plc. which is headquartered in the
United Kingdom.

Prudential is a multinational financial services
leader with operations in the United States, Asia, Europe, and
Latin America. Leveraging its heritage of life insurance and asset
management expertise, Prudential is focused on helping individual
and institutional customers grow and protect their wealth. The
company's well-known Rock symbol is an icon of strength, stability,
expertise and innovation that has stood the test of time.
Prudential's businesses offer a variety of products and services,
including life insurance, annuities, retirement-related services,
mutual funds, asset management, and real estate services.

We
recognize that our strength and success are directly linked to the
quality and skills of our diverse associates. We are proud to be a
place where talented people who want to make a difference can grow
as professionals, leaders, and as individuals. Visit to learn more
about our values, our history and our brand.

Prudential is an equal
opportunity employer. All qualified applicants will receive
consideration for employment without regard to race, color,
religion, national origin, ancestry, sex, sexual orientation,
gender identity, national origin, genetics, disability, marital
status, age, veteran status, domestic partner status, medical
condition or any other characteristic protected by law.

The Prudential Insurance Company of America, Newark, NJ and its
affiliates.

Note that this posting is intended for individual
applicants. Search firms or agencies should email Staffing at
staffingagencies@prudential.com for more information about doing
business with Prudential.

PEOPLE WITH DISABILITIES: If you need an
accommodation to complete the application process, which may
include an assessment, please email
accommodations.hw@prudential.com.

Please note that the above email
is solely for individuals with disabilities requesting an
accommodation. If you are experiencing a technical issue with your
application or an assessment, please email
careers.technicalsupport@prudential.com to request
assistance.

Summary
Location: Newark, NJ, USA
Type: Full time