Consultant - penetration testing
the dell security & resiliency organization manages the security risk across all aspects of dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at dell and further develop your career.
Join us as a consultant on our penetration testing team in mexico - remote to do the best work of your career and make a profound social impact.
What you’ll achieve
*responsibilities*:
- conduct and participate in authorized penetration testing exercises.
- report on and prioritize issues to vendors, security team, and engineering through standard escalation processes.
- develop and maintain tools and techniques for adversarial simulation, vulnerability research, and exploit development and support the continuous development and maintenance of team frameworks and operating procedures.
- communicate new developments, breakthroughs, challenges and lessons learned to team members and leadership.
- contribute to the development of cybersecurity strategy, policy, standards, and procedures.
- provide technical expertise on how to integrate information security controls into enterprise environments to comply with established security standards and policies.
- continuously upgrade knowledge, skills & awareness in cybersecurity technologies by way of independent research, training or any other self -improvement methods e.g.; (reading, htb, ctf competitions)
- mentor team members and support their technical development by sharing own expertise and knowledge.
- lead or collaborate on additional projects, assignments, and initiatives as required.
Take the first step towards your dream career
every dell technologies team member brings something unique to the table. Here’s what we are looking for with this role:
desirable knowledge, skills, abilities, and experience:
- expert-level knowledge and experienced in:
- penetration testing principles, tools, techniques and cyberattack stages
- computer networking and network security methodologies
- operating systems internals
- web application, web api and network/infrastructure testing
- at least 1 of the following testing areas - cloud security, mobile application, binary/client application, red teaming and purple teaming
- advanced-level knowledge of:
- cryptography and cryptographic key management concepts
- payment card industry data security standards
- low-level computer languages and software debugging principles
- competency with any of the following tools: user and kernel-mode debuggers (windbg,x64dbg), ida pro, hex-rays, visual studio, driver verifier
- experienced with the metasploit framework
- experience in security-focused source code reviews (c, c++, java,.net, python, etc.)
- scripting experience with the ability to develop custom scripts, exploits, and tools
- excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues
- works with a great deal of independence
- possess excellent written and verbal communication skills in english
- create professional reports and present security findings to development teams and stakeholders
- customer-oriented with a strong interest in customer satisfaction
essential requirements:
- 12+ years of information security experience
- 8+ years direct or equivalent experience in areas of penetration testing, exploit development, vulnerability research and fuzzing
- bachelor of science in computer science, computer engineering, or electrical engineering or a related technical field or equivalent professional experience
- relevant cybersecurity certifications
- offensive security:
- offensive security certified professional (oscp)
- offensive security certified expert (osce)
- security wireless professional (oswp)
- offensive security experienced penetration tester (osep)
- offensive security web expert (oswe)
- offensive security exploit developer (osed)
- offensive security exploitation expert (osee)
- global information assurance certification (giac):
- giac penetration tester (gpen)
- giac web application penetration tester (gwapt)
- giac exploit researcher and advanced penetration tester (gxpn)
- published or presented security research or security advisories
- public track record of finding impactful vulnerabilities
here’s our story; now tell us yours
dell technologies helps organizations and individuals build a brighter digital tomorrow. Our company is made up of more than 150,000 people, located in over 180 locations around the world. We’re proud to be a diverse and inclusive team and have an endless passion for our mission to drive human progress.
What’s most important to us is that you are respected, feel like you can be yourself and have the opportunity to do the best work of your life - while still having a life. We offer excellen