Sr. Security Engineer, Penetration Testing DC/Chicago
Chicago, IL

Job Description

Overview

You will be a member of the CyberDefense team and responsible for conducting manual penetration testing, creating/maintaining automated penetration testing solutions, documenting penetration testing methodologies, helping application teams improve their development processes, and maturing our assessment program

This role will require execution of both web application and network penetration assessments. This is not a "run a vulnerability scan and check to see what's in Metasploit" role. A candidate should have a demonstrable understanding of information security, computer science, networking, applications, databases, and operating system functionality and be able apply this understanding to advanced concepts such as application manipulation, exploit development, and stealthy operations.

This role will also be responsible for the ongoing maturity of these environments and will be responsible for security assessments (i.e. leading pen-testing, architecture/configuration reviews, threat modeling), identifying process maturity improvements, supporting information security objectives on in-flight projects and driving remediation.

Additionally, this role will support the Detection and Response team's engineering and operations functions. Responsibilities will include:

* Analysis of event feeds, intelligence, malware samples, and incident data for evidence of malicious or anomalous activity, and to better understand adversary tactics, techniques and procedures (TTPs).
* Authoring and implementation of original detection rules for various monitoring systems on the basis of current threats, vulnerabilities, or other specifics to the BCBSA computing environment.
* Development of custom tools to detect malicious activity at the user, host, and network levels, either as stand-alone tools or as prototypes of more complex solutions.
* Ingest, create, and share intelligence, TTPs, and threat data Indicators of Compromise (IOCs).
* Triage and short-term analysis of real-time data feeds (such as system logs and alerts) for potential intrusions (i.e. hunting).

Support engineering and vulnerability management programs.

Responsibilities

Responsibilities include but are not limited to:

* Analysis of event feeds, intelligence, malware samples, and incident data for evidence of malicious or anomalous activity, and to better understand adversary TTPs


* Incident response


* Drive FEP Process maturity


* Vulnerability Management (VM) and engineering


* Penetration testing & vulnerability research
* Produce high-quality penetration testing reports

Qualifications

Required Basic Qualifications:

* BS degree in Computer Science, MIS, Computer Engineering or equivalent work experience
* 5 years' experience in one or more of the following: incident response, application security, network security, security operations, security monitoring.
* Able to perform targeted penetration tests and exploitations without the use of automated tools
* Advanced understanding of security engineering, system and network security, cryptography, application security.
* Demonstrated experience with core technical domains such as operating systems (Linux and Windows), databases, and networking.
* Demonstrated ability to champion a program and drive successful completion while delivering.
* Strong familiarity with OWASP Top 10 and ability to assess risk based on established methodologies (i.e. OWASP Risk Rating Methodology).

Preferred Qualifications:

* Experience with red teams or CTF (Capture the Flag).
* Familiarity with integrating penetration tests with an SDLC process.
* Experience with driving company-wide initiatives.
* Expert-level understanding in at least one core area of Information Security.
* Experience with multiple programming languages, especially scripting languages (such as Python, Ruby, Perl, etc.)
* Experience with reverse engineering.
* Excellent written and verbal communication skills.
* Experience with exploit code and security tool development.
* Experience with mobile apps and API (REST, SOAP) assessments .
* Experience with white box testing (identifying vulnerabilities via code review).
* Demonstrable teamwork skills and resourcefulness.
* Sharp analytical abilities and proven design skills.
* Experience providing training and mentorship.

Equal Opportunity Employer

Blue Cross Blue Shield Association is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, disability, veteran status, genetic information or any other legally protected characteristics.