Vacancy caducado!
Location: 7000 Target Pkwy N, Brooklyn Park, Minnesota, United States, 55445
About us: Target is an iconic brand, a Fortune 50 company and one of America's leading retailers. Target as a tech company? Absolutely. We're the behind-the-scenes powerhouse that fuels Target's passion and commitment to cutting-edge innovation. We anchor every facet of one of the world's best-loved retailers with a strong technology framework that relies on the latest tools and technologies-and the brightest people-to deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems, tools and support that guests and team members need and deserve. Our high-performing teams balance independence with collaboration, and we pride ourselves on being versatile, agile and creative. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely and reliably from the inside out. The core role of Security Testing Services is to provide Penetration Testing and Application Security Testing services to Target team members. The Penetration Testing Team is responsible for the automated and manual analysis of systems and applications to identify security flaws. The team proactively finds security vulnerabilities, test responses, and strengthens security offerings using coordinated simulated attacks against Target-owned systems and resources using pre-defined and approved tests. As a Lead Engineer, you will independently conduct pen tests, and suggest improvements to the testing process. You will detect and exploit vulnerabilities manually and develop tools and techniques to assist the team with improving skills and capabilities. About You:- 3+ years' experience, prefer 5 years, in the following:
- Information Security roles (Pentest/Red Team/Incident Response/etc.)
- Preferably 3+ years' experience in penetration testing
- Preference for formal education:
- 2-4 years of college/vocational education in the field
- Formal training in the course of employment history
- Generalist Certifications:
- CISSP, SANS certifications (GSECIH/GICSP/etc.)
- Specialist Certifications:
- Offensive Security: OSCP/OSCE/etc.
- SANS: GPEN/GWAPT/GXPN/etc.
- Intermediate to advanced scripting / development experience
- JavaScript, Python, C/C, Ruby preferred
- Intermediate to advanced computing concepts such as application architecture and network segmentation.
- Intermediate to advanced usage of security tools such as Kali Linux, Nmap / Nessus, Burp / ZAP, Wireshark / TCPDump
- Deep understanding in at least one domain (Encryption/Encoding, Binary Exploitation, DB Injections (SQLi/noSQLi), File Includes (LFI/RFI), Deserialization attacks, OSINT methodology, Container breakouts, Wi-Fi attacks, Reverse engineering, IOT Hacking)
- Excellent verbal and written communication skills to clearly communicate the implications and impacts of vulnerabilities
- Experience with mentoring junior members, providing constructive, individualized feedback.
Vacancy caducado!