Senior Manager, Hacker Success Program
HackerOneFull Time
Expert & Leadership (9+ years)
Candidates must have US Citizenship and be willing to undergo a US Government background investigation. A Bachelor's Degree in Cybersecurity or a related field is preferred, along with at least 2 years of experience in penetration testing or red-team assessments. Familiarity with SCAP, CVE, CVSS, CWE, CPE, USGCB, STIGs, NSA Guides, NCP, or Common Secure configurations is required. Experience in three or more of the following areas is necessary: Web Applications, External Networks, Internal Networks, Active Directory, or Cloud Environments (AWS, Azure, GCP). Proficiency with tools such as NMAP, BurpSuite, CrackMapExec, BloodHound, Ansible, Terraform, Git, and AWS is also required. The Offensive Security Certified Professional (OSCP) certification is preferred but not required.
The Penetration Tester will conduct web application, API, network, and cloud penetration tests using common tools, tactics, techniques, and procedures. Responsibilities include analyzing exploits, automating red teaming and penetration testing techniques using scripting languages like Golang, Python, JavaScript, Bash, PowerShell, conducting security assessments of cloud environments and source code, and performing penetration tests according to standard methodologies such as OWASP, NIST, and PTES. The role involves utilizing custom penetration testing tools, frameworks, and infrastructure, assessing the risk of discovered vulnerabilities, documenting and delivering technical reports with remediation recommendations, and collaborating with clients on assessment status and findings. Additionally, the tester will contribute to evolving the company's capabilities and toolset.
Unified defensive and offensive cybersecurity solutions
UltraViolet Cyber focuses on enhancing cybersecurity for organizations by integrating both defensive and offensive security operations. Their main services include Managed Detection and Response (MDR), which provides continuous monitoring and response to cyber threats, and Penetration Testing as a Service, where they simulate cyber attacks to find and fix vulnerabilities. This company stands out from competitors by combining the expertise of Red Team (offensive) and Blue Team (defensive) professionals, ensuring that security measures are both proactive and reactive. The goal of UltraViolet Cyber is to help organizations improve their resilience against cyber threats and protect their sensitive data and infrastructure effectively.