Penetration test engineer - threat exposure | Dallas, TX

Detailed Information

  • Location: Dallas, TX

seventh in Forbes "World's Best Employers". Do you have the skills to fill this role? Read the complete details below, and make your application today. This is an environment unlike anything in the high-tech world and the secret of Costco's success is its culture.

The value Costco puts on its employees is well documented in articles from a variety of publishers including Bloomberg and Forbes. Our employees and our members come FIRST. Costco is well known for its generosity and community service and has won many awards for its philanthropy. The company joins with its employees to take an active role in volunteering by sponsoring many opportunities to help others. Come join the Costco Wholesale IT family. Costco IT is a dynamic, fast-paced environment, working through exciting transformation efforts. We are building the next generation retail environment where you will be surrounded by dedicated and highly professional employees.

The role of each Information Security team member is to support the overarching values and business goals of Costco Wholesale, including meeting legal, ethical and regulatory obligations; protecting member privacy; and maintaining a security technology environment for our operations. Penetration testers provide consultative services, working with internal business team members to conduct service engagements for security testing. Penetration testers perform reviews of system architecture documentation; create scopes of work for engagements; conduct security testing engagements on scoped assets, systems, processes, and/or employees; and mentor team members.

If you want to be a part of one of the worldwide BEST companies "to work for", simply apply and let your career be reimagined.

ROLE

Automates, documents, shares, educates, delegates, and improves processes. Builds prototypes of potential features. Creates conceptual and detailed technical design documents and standards. Enhances automation of applications, systems, and platforms and identifies opportunities for streamlining, and continuous process improvement.

Applies knowledge to practical and sustainable applications and capabilities. Partners with project managers, solution leads, and other stakeholders to establish the rough order of magnitude estimates, to create and maintain a robust framework to support applications, and to deliver quality solutions. Contributes, interprets, and communicates enterprise, technical, project, and operational strategies to the team. Develops team vision to drive new capabilities against a published roadmap, in conjunction with management. Ensures that proposed and existing systems are aligned with organizational standards, goals, and objectives.

Leads comprehensive assessments of features and large-scale applications and environments. This includes mapping out the surface area and assessing prioritization based on time, resource, and general importance tradeoffs. Works with Compliance, Internal Audit, and Business teams to identify, test and analyze risks. Works with stakeholders to provide security engagements to test their systems and business requirements. Assumes a leadership role in advocating internally and externally for compliance to security measures to protect cloud-based applications and environments.

Documents security findings from penetration testing engagements and reports the risks of those findings to the business owner and management. Finds vulnerabilities in various spaces such as web applications, native applications, database systems, authentication flows, distributed systems and designs, and protocols. Pulls from a flexible knowledge base of topics such as OWASP, memory corruption, privilege escalation, networking, etc. to find both common and uncommon issues. Researches and remains up to date with emerging threats and Threat Emulation methodologies.

Communicates Information Security matters clearly to executives, auditors, end users, and engineers, using appropriate language, examples, and tone. Works collaboratively to solve problems with groups, find win/win solutions and celebrate successes. Works with Incident Response team as necessary to consult on discovered security incidents by informing appropriate custodians, determining root cause, and actions (if necessary) required to re-establish respective information system security. Navigates through an ecosystem of multiple domains, technologies, protocols, and stakeholders.

Creates new tools to support pen test efforts. Provides subject matter expertise support in the detection, analysis, and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities. Participates in team activities and team planning in regards to improving team skills, awareness and quality of work. Takes responsibility for continued personal growth in the areas of technology, business knowledge, and Costco policies and platforms.

REQUIRED

1+ years' experience performing penetration testing for PCI-DSS compliance. 1+ years' experience with assessing APT threats, penetration testing, vulnerability management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threat Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and verification of new APT TTPs.

Proven operational experience in penetration testing or cyber threat emulation. Experience and security knowledge around native applications, web applications, distributed and database systems. Proficiency in scripting in one or more languages (e.g. C/C++, Ruby, dotnet, js, python, sql, Powershell, others).

Exposure or experience with tools such as Kali Linux, Metasploit, Burp Suite, Cobalt Strike, Tenable Nessus, Web Inspect, IDA PRO. Ability to ramp up and understand new designs, systems, and technology. Understands security issues for large scale cloud services and network infrastructures. Understands software development processes and hybrid-cloud based infrastructure. Thorough experience with Windows, Linux, and cloud environment testing. Experience developing custom exploits and exploitation tools in support of authorized penetration tests or cyber threat emulation exercises.

Expertise in policies, industry trends, and techniques related to penetration testing. Subject matter expertise in Advanced Persistent Threat or Emerging Threats. Grasps both the technical and non-technical details such as to enumerate inappropriate or abusable security expectations. Demonstrates a logical and structured approach to time management and task prioritization. Strong proficiency in pen test report writing. Ability to handle highly confidential information in a strictly professional manner. High enthusiasm, integrity, ingenuity, results-orientation, self-motivation, and resourcefulness in a fast-paced environment.

Depending on the pen test requirements, 1 or more team members may be required to work outside of regular business hours for the duration of the engagement.

Recommended

A relevant degree. OSCP knowledge. One or more certifications related to penetration testing, or: GCIA, GCED, GCFE, GCTI, GNFA, GCIH, CND, ECSA, OSEE, OSCE, GCFA, GREM, CHFI, CEH, GPEN, GWAPT, GISF, GXPN. Red Teaming including leading a targeted operation (planning, scoping, approval, reconnaissance & discovery, execution of attacks, pivoting, persistence, and remediation).

Some pen test engagements may need 1 or more team members to travel.

Required Documents

  • Cover Letter
  • Resume

California applicants, please click here to review the Costco Applicant Privacy Notice.

Pay Range:

  • Level 2: $145,000 - $175,000, Bonus and Restricted Stock Unit (RSU) eligible
  • Level 3: $165,000 - $195,000, Bonus and Restricted Stock Unit (RSU) eligible
  • Level 4: $185,000 - $220,000, Bonus and Restricted Stock Unit (RSU) eligible

We offer a comprehensive package of benefits including paid time off, health benefits - medical/dental/vision/hearing aid/shop/behavioral health/employee assistance, health care reimbursement account, dependent care assistance plan, short-term disability and long-term disability insurance, AD&D insurance, life insurance, 401(k), stock purchase plan to eligible employees.

Costco is committed to a diverse and inclusive workplace. Costco is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or any other legally protected status. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to IT-Recruiting@In some cases, applicants and employees for selected positions will not be sponsored for work authorization, including, but not limited to H1-B visas.
