Job Abstract
Short description of the role
Our Cybersecurity team is growing in numbers and capabilities! If you are passionate about Cybersecurity, new ideas and solutions – Join us to embark on a diverse and exciting career path in a dynamic, high-tech environment. Our teams are creative and friendly, providing a wide range of Cybersecurity-related services at HP.
What a Penetration Tester does at HP:
The role is part of a talented team of security engineers and architects within HP Cybersecurity’s Architecture & Security Engineering team. Our security engineers are responsible for ensuring the security of HP products, solutions, and infrastructure. Our security engineers primarily perform manual testing with the assistance of automated tools to identify a complex set of vulnerabilities across a wide range of products and technologies.
Responsibilities:
- Identifies HP system vulnerabilities, attacks, and threats run analyses on security incidents and threats and research appropriate countermeasures.
- Uses knowledge of the HP environment to scope the extent and impact of any vulnerability, attack, or breach.
- Resolves HP security issues related to security vulnerabilities, incidents, and threats through independent analysis and/or research.
- Consults development and product teams on vulnerability remediation.
- Develops, enhances, and maintains HP’s security solutions based on HP security system analysis, research, and incident resolution.
- Operates as a key team member on security teams and advises on methods to improve security solutions.
Individuals who do well in this role at HP, usually possess:
Knowledge and Skills required:
- A manual review of the code, along with the use of automated testing tools, such as Burp Suite, is essential to locate flaws in pen testing.
- Search for weaknesses in common software, web applications and proprietary systems
- Research, evaluate, document, and discuss findings with Cybersecurity, application, product, and management teams
- Review and provide feedback for information security fixes
- Establish improvements for existing security services, including hardware, software, policies, and procedures
- Stay updated on the latest malware and security threats
- Advanced Cybersecurity and IT security knowledge.
- Advanced understanding of Cybersecurity and IT security risks, threats and prevention measures.
- Advanced understanding of relevant programming and scripting languages (Perl, Python, PowerShell, HTML, JavaScript, etc.).
- Advanced security system analysis skills.
- Advanced understanding of security standards and best practices.
- Advanced understanding of networking and network security.
- Advanced understanding of network monitoring and protocols.
- Advanced understanding of:
- Off-the-shelf vulnerability assessment products and tools.
- Network security devices (firewalls, proxies, NIDS/NIPS, etc.).
- Platform and application-layer penetration testing techniques.
- Adversary techniques, tactics, and protocols and related countermeasures.
- Dynamic and static malware analysis techniques.
- Network security monitoring.
- Memory analysis techniques.
- Malware reverse engineering techniques.
- Digital Forensics.
Certification and Experience Required:
- Technical Cyber Security Certification through one of the recognized bodies preferred: SANS, ISACA, (ICS)2, CompTIA, Cisco, CERT, etc.
- 6+ years of relevant experience desired
Sustainable impact is HP’s commitment to create positive, lasting change for the planet, its people, and our communities. This serves as a guiding principle for delivering on our corporate vision – to create technology that makes life better for everyone, everywhere.
