Senior Pentester

Bishop Fox


3 weeks ago

04/24/2019 05:52:19

Job type: Full-time

Category: Software Dev


Bishop Fox is a leading security consulting firm serving the Fortune 1000 and high-tech startups. We protect our clients by finding vulnerabilities and building defenses before the attackers can break bad. From critical infrastructure to credit cards; social media to mobile games; flight navigation systems to frozen waffle factories — we’re right there hacking away.

We’re seeking remote senior penetration testers to join our team – and help us build a more secure world.

Who You Are and What You’ll Do

You are a born penetration tester; you see problems (and solutions) in everything. You instinctively know your way around source code. You’ve plundered apps and pillaged networks (legally, of course). You have a passion for hacking that goes beyond a career – it’s a way of life for you. At this point, you may have accumulated a few disclosures, blog posts, or talks under your belt. if given the chance, you could probably Hack the Gibson. 

With Bishop Fox, your responsibilities would include testing smart devices before they hit the market, hacking networks, and reversing software. Some days, you’ll be red teaming wireless networks and participating on social engineering engagements. Other days, you’ll be analyzing source code and building threat models. Every day at Bishop Fox, you’ll be learning.

As a consultant, you’ll solve challenging technical problems and build creative solutions. As a trusted advisor, you’ll provide your expert opinion to help our clients navigate difficult business decisions. And as a senior penetration tester, you’ll lead teams on one-of-a-kind engagements, mentor co-workers, and contribute significantly to the advancement of our consulting practice.

Why Bishop Fox

Bishop Fox offers competitive salary, generous benefits, flexible schedules, and negotiable travel. If you’re looking for opportunities to grow professionally, this is the place. You’ll work alongside some of the most talented and experienced security consultants in the industry.

We have a casual workplace environment, but we‘re consummate professionals.

Your Education and Experience

Our wants are simple: be good at and, most importantly, love what you do. Here’s a list of qualities we’re looking for, but don’t think that you need them all: 

  • Vulnerability assessment
  • Penetration testing and code review
  • Understanding security fundamentals and common vulnerabilities (e.g., OWASP Top Ten)
  • 2 - 5 years of application security experience
  • More than 3 years of security consulting experience
  • Additional experience in IT, security engineering, system and network security, authentication and security protocols, and applied cryptography
  • Scripting/programming skills (e.g., Python, Ruby, Java, JS, etc.)
  • Network and web-related protocol knowledge (e.g., TCP/IP, UP, IPSEC, HTTP, HTTPS, routing protocols)
  • Federal and industry regulations understanding (e.g., PCI, SOX, GLBA, ISO 17799, HIPAA, CA1386)
  • Strong communication skills (i.e., written and verbal)
  • CISSP, OSCP/E, GWAPT, GPEN, or GXPN certifications are helpful, but not a necessity
  • Advanced relevant academic training is a definite bonus
  • The self-discipline to work independently; as a remote worker, the same will be asked of you as all Bishop Fox team members.

Candidates across the country (or even the world) are welcome to apply.

Interested? Drop us a line today.

Please mention that you come from Remotive when applying for this job.

Help us maintain Remotive! If this link is broken, please just click to report dead link!

similar jobs

  • Jilt (Worldwide)
    Today

    Howdy 👋We’re the folks at Jilt, an email marketing platform built for eCommerce. We help thousands of stores grow sales with emails that delight their customers. Our team is 100% remote, with 21 people distributed all over the world. 

    We’re looking for a smart, detail-oriented front-end engineer to join our team and help build fast, intuitive interfaces in React.

    You should be...

    • Deeply experienced with React, JavaScript, and CSS
    • Adept at translating user stories into detailed engineering implementation tasks
    • Detail-oriented & curious, with a drive to understand and solve technical challenges
    • A self-starter, comfortable working independently and taking a high level of responsibility
    • Dedicated to constant learning and sharing your knowledge

    Bonus points if you also have…

    • Experience using React alongside Ruby on Rails, or other MVC frameworks
    • Angular/Vue experience

    You’ll be responsible for…

    • Building features, tweaks, bug fixes, and refactors based on specs in Clubhouse stories (derived from both customer feedback and our product/support teams)
    • Adhering to internal code standards and best practices while suggesting new ones for team consideration
    • Carefully user-testing your own work and implementing feedback from code review
    • Providing detailed code reviews to your teammates
    • Updating our internal wiki & documentation
    • Assisting our support team with troubleshooting challenging issues

    Why you’ll love working with us…

    • Kind, wonderful teammates that enjoy their work as much as you do
    • Competitive salary
    • Annual company retreats (read about last year's adventure in Lake Tahoe!)
    • Fantastic benefits: 27 days paid time-off, full health insurance (medical, dental, and vision), retirement contributions, paid parental leave, and more!
    • Transparent culture (check out our team wiki)

    Curious to hear more? Learn more about the position and apply here. Applications accepted through June 7th. We can’t wait to meet you!

    We support workplace diversity and do not discriminate on any protected class. We believe when we work together as a team of different views, experiences, and ideas, we can build amazing things.

  • Rainforest QA is an on-demand QA solution. It’s our mission to enable development teams to deliver bug-free software while moving at the speed of continuous delivery.


    Our headquarters are in the heart of San Francisco’s financial district but we are truly a global team, allowing us to bring together the best and most diverse talent. Our commitment to the distributed team model and to our company values has earned us multiple culture and workplace awards and helped us build a diverse team of individuals working toward the same goal: change the way QA is done.

    Learn more about Rainforest QA by visiting our LinkedIn, Glassdoor, Instagram, and Facebook pages.


    Senior Software Developer

    As a Senior Software Developer at Rainforest QA you'll be part of an experienced and diverse team with members all over the world. We were built as a distributed team from the beginning and we've committed to implementing tools and processes that allow for and support continuous and effective communication - across the world! We get together several times a year, at our headquarters in San Francisco, to cement our work relationships and ties to the company and to have some fun together!

    What you’ll do

    Develop and test product features within sprint cycles in Ruby on Rails (and other modern technologies)

    Collaborate with product managers, designers, and business teams to define new product features

    Act as a mentor to other engineers throughout the software development process

    Triage bugs and troubleshoot production issues alongside our Support Team

    For more information on the types of projects you'll be working on, check out our Github:https://github.com/rainforestapp

    What we’re looking for

    4+ years experience with Ruby-on-Rails (or similar technology), 12-factor apps, Postgres (or other SQL databases)

    Experience with git or other distributed SCM systems

    Ability to work effectively both independently and collaboratively with a team

    Love of writing unit tests and reviewing code

    Bonus points for

    Exposure to Golang and Elixir

    How we’ll reward you

    Flexible, remote work options

    Generous vacation time

    Competitive compensation and stock options

    Professional development, career coaching, and conference attendance

    2x per year onsites; we’ll fly you into our beautiful San Francisco office to spend quality time with your teammates, and 1x a year offsite to a fabulous destination with your team!

    OUR COMMITMENT TO DIVERSITY AND INCLUSION

    At Rainforest QA we believe that diverse teams improve our business. We are an equal opportunity employer and do not discriminate on the basis of race, religion, color, nationality, gender, sexual orientation, age, marital status, veteran status, or disability status.

  • 2 months ago

    On being a Security Engineer at balena

    We maintain a service infrastructure for IoT devices and provide our own device operating system. You will design, develop and deploy security controls and concepts strechting from cloud based applications to systems that run on embedded devices.

    People who are successful engineers are well-rounded generalists and great communicators. They are eager to take responsibility for a project, and are able to make good decisions about the project because they have the context of what's important.

    We don't require engineers to be already familiar with the technologies we use. We are happy to invest in people that showcase a strong understanding of the challenges of building secure distributed systems.

    Responsibilities

    • Actively invest back in our own technology, libraries, and frameworks
    • Be highly motivated to produce great code
    • Understand security best practices and strive to apply them in your work
    • Assist in new security control initiatives
    • Assist with the development and documentation of security architectures and roadmaps
    • Evaluate and address security reports and security problems
    • Design, architect, and own the execution of your projects
    • Ensure the architecture of our distributed system remains cohesive
    • Collaborate, brainstorm, and coordinate work with other balenistas
    • Understand the high-level goals, and thus know how to prioritize your work
    • Work efficiently with a certain amount of ambiguity in the tasks you're executing

    About balena

    Balena provides a software platform that helps developers build, deploy and manage code on connected devices. We brought Docker to embedded GNU/Linux devices in 2013 and have been building our IoT toolkit ever since. We also maintain a variety of successful open source projects including EtcheropenBalenabalenaOS and balenaEngine and made contributions to high-exposure projects such as DockerElectron, and AppImage.

    Our technology is open, standards-based, and proven in production across a wide range of scenarios from drones, 3D printers, point-of-sale devices, tidal turbines, skyscrapers and more. Our investors include DFJ, Aspect Ventures, GE, and Ericsson.

    Balena is a highly distributed, remote-friendly company with a pretty much flat hierarchy. Our organization is adaptive, getting feedback signals from our users and systems. Right now we organize ourselves by projects, which allow us to build complex features and solve big problems, while staying mutable. As a distributed group, we rely on clear communication and the rule of "assume positive intent" to help us work together across time zones, cultures and first languages. Our base of operations is nominally London, though really we are living all over the world: from Barcelona to Bulgaria, Argentina to Vietnam, and many more.

    REQUIREMENTS

    Need to have:

    • Desire to make yourself and others more effective. You'd be bothered by an inefficient process
    • Good understanding of software engineering practices and how to apply them
    • Excellent written communication skills, and fluency in English
    • Self-discipline to take on a project and push it to completion without too much management. You also know when to ask for help
    • Highly organized, able to handle many threads at once, and keep things moving
    • Ability to identify security issues and risks, and develop mitigation plans
    • Strong knowledge of current security threats, trends, and mitigations
    • Knowledge of network and web related protocols (e.g. TCP/IP, HTTP/S, SSH, OAuth2, SAML)

    Nice to have:

    • A sample of your work (URL or attached sample)
    • Contributions to OSS projects (please include a URL)
    • Having worked remotely before
    • Experience with balena as a user
    • Experience with embedded GNU/Linux, anything ranging from personal projects with a Raspberry Pi to commercial or industrial scenarios with custom devices
    • Experience and detailed technical knowledge of security engineering, system and network security, authentication and security protocols, cryptography, and application security

    Make sure to let us know if any of these items apply to you!

    BENEFITS

    • Work with an extremely talented, diverse team
    • Equipment of your choice
    • Remote-friendly
    • Flexible working hours
    • Generous vacation policy
    • Annual company gathering in an international location
    • We send you hardware for side projects!

Remotive can help!

Not sure how to apply properly to this job? Watch our live webinar « 3 Mistakes to Avoid When Looking For A Remote Startup Job (And What To Do Instead) ».

Interested to chat with Remote workers? Join our community!