Mobile and Web Application Penetration Tester (Remote)

Employer
GEICO
Location
Chevy Chase, MD
Posted
Dec 07, 2022
Closes
Dec 10, 2022
Ref
726359680
Function
Accountant, IT
Hours
Full Time
Use data to make strategic decisions. GEICO Technology Solutions Cyber Security is seeking a Mobile and Web Penetration tester for its new Cyber Adversary Simulation and Red team. This dedicated team will perform penetration testing against web applications, our networks, and data stores. Additionally, they will employ social engineering to identify weaknesses in business processes and policies. In creating its test plans, the team will coordinate with application architecture teams, Underwriting Fraud, Claims Fraud, Cyber Threat Intelligence, and other teams to ensure alignment. It will also deliver a continuous view into corporate hygiene and attack surface through the use of breach and attack automation tools. Finally, it will provide metrics tracking testing coverage (visibility), time to remediate issues, and detection efficacy to show gaps and improvement opportunities. Responsibilities Include: Conduct Web application, API, and Mobile Application penetration testing Performing sophisticated adversary simulation operations against GEICO's systems to identify gaps in prevention, detection, and/or response Research, develop, and apply TTPs of relevant threat actors to simulations Provide subject matter expertise on offensive security Leverage threat intelligence to hunt for indicators of compromise and vulnerabilities Managing and improving breach and attack simulation tools Collaboration with enterprise defenders to improve detection and response Creating and following rules of engagement Ideal Candidates Can: Write penetration testing reports on time, with extensive evidence, and excellent grammar Think like an adversary and like a defender Fully understand and apply TTPs, MITRE ATT&CK, and MITRE Pre-ATT&CK to report writings and presentations Plan an attack from reconnaissance to initial access to mission target and finally to successful exfiltration/egress Experience with scripting and editing existing code and programming, including Perl, Python, Ruby, Bash, C/C++, C#, or Java Use automation and scripting languages Read and write relevant programming languages Experience rooting or jailbreaking mobile devices. Experience with LTE and GSM protocols Working knowledge of Frida or Radare2 Experience conducting security assessments on IoT platforms Familiar with iOS or Android operating systems Experience performing network and application penetration testing in-depth understanding of enterprise networks and security defenses Understanding of network protocols, *nix, and Windows operating system functionality Strong knowledge of cybersecurity tooling and technology Experience or strong understanding of cloud concepts and platforms Benefits : At GEICO, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being. GEICO continually seeks to provide a workplace where everyone can be their authentic self. To help achieve this goal, we support associate-led Employee Resource Groups that foster a true sense of community. Through GEICO s competitive benefits offerings and various training and development opportunities, we have you covered with our Total Rewards Program* that includes: Premier Medical, Dental and Vision Insurance with no waiting period** Paid Vacation, Sick and Parental Leave 401(k) Plan Tuition Reimbursement Paid Training and Licensures *Benefits may be different by location. Benefit eligibility requirements vary and may include length of service. Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire coverage to take effect. GEICO is proud to be an equal opportunity employer. We are committed to cultivating an environment where equal employment opportunities are available to all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO celebrates diversity and believes it is critical to our success. As such, we are committed to recruit, develop and retain the most talented individuals to join our team. #LI-RD2

Similar jobs