Date: Mar 30, 2022
GRL seeks a Manager/ Assistant Manager – Security Services
Headquartered in Silicon Valley, and with over 250 staff in 8 countries, we help engineers solve the toughest design and validation challenges. Since 2010, our affordable end-to-end testing, certification and compliance services and related proprietary instrumentation and software solutions have enabled hardware developers worldwide to implement digital connectivity and charging technologies as they become faster, more complex, and more challenging to test. The combination of market-leading technical expertise, broad capabilities and an intense focus on quality and customer service excellence has seen the company grow rapidly and win recognition as the “go to” expert. But we do much more than just test: we guide, we consult, we analyze, we troubleshoot, and we present useful insights to help our customers understand and improve their products’ performance and ensure their success.
GRL offers competitive salary and benefits.
About the role
As Senior Security expert /Manager- Cyber Security testing expert, you will be a valued member of GRL's Engineering Services team involved in enabling next-generation technologies. Your responsibility includes executing and delivering penetration testing assessments across Network and Infrastructure. Refer to https://www.graniteriverlabs.com/en-us/engineering-services/ for more information.
- The role requires demonstrated ability to conduct offensive penetration testing and engage in IT and business executive discussions related to vulnerability assessment and penetration testing
- Conduct security assessments in both grey box and black box modes
- Well versed with OWASP/ OSTMM
- Solid understanding and exposure in performing Red-Team assessment
- Knowledge and exposure in performing MITRE based offensive penetration testing
- Must have experience in Active Directory and Wi-Fi penetration testing
- Must have experience in Network and infrastructure penetration testing
- OT/ SCADA penetration testing
- Well versed with penetration testing of thick client applications and APIs pertaining to SOAP/ REST
- Deep understanding of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML
- Must have experience in conducting social engineering and breach assessments
- Cloud Application and Services security testing spread across AWS and Azure
- Good Knowledge of any one scripting language for automation of security test cases
- Vulnerability scanning/ security auditing/ compliance scans with industry leading solutions such as Nessus
- Proficiency with day-to-day pen tester tools such as Burp suite, Metasploit, OSINT tools, post exploitation frameworks such as Cobalt Strike, Android and iOS testing tools
- Influencing organization, customers and peers on area of expertise
- Excellent working knowledge in Microsoft word, Excel and PowerPoint
- Must have experience in Pen testing lab environment
- Knowledge of Quality Management system requirements and Lab quality management system is desirable
- Degree in Computer Science or Engineering (Master Degree is desirable)
- Experience: 6 and above
- Desired Certification: One or more from the list: OSCP (Offensive Security Certified Professional), CRTP (Certified Red Team Professional), GPEN (GIAC Penetration Tester)
- Security certifications like OSCP/ OSCE/ CRTP/ CRTE /CRTO/ GPEN/ GXPN/ EWPX/ ECPTX would be a plus.
- Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner.
- Solid understanding of application security, especially network applications.
Key Personal Attributes:
- Client facing experience is a must
- Interpersonal skills to interact in team environment and foster client relationships
- Ability to communicate technical risk issues effectively, to customers who may, at times, have a non-technical background
- Ability to write technical reports, detailed presentations and documentation
- Demonstrated understanding of the importance of business ethics
- Must be able to handle highly confidential information in a strictly professional manner
- Must be able to maintain professional demeanor in times of high stress
- Project and people management skills
GRL is an Equal Employment Opportunity Employer.
Submit your CV to firstname.lastname@example.org.