Senior Penetration Tester
HumanaSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Computer or Electrical Engineering, or equivalent experience
- 5+ years of experience in penetration testing, red teaming, or vulnerability research
- Strong understanding of network protocols, web application security, and firmware architectures
- Proficiency with tools such as Burp Suite, Nmap, Nessus, Metasploit, IDA Pro, Ghidra, binwalk, Scapy, Wireshark, and OWASP ZAP
- Working knowledge of web technologies (HTTP/S, REST, TCP/IP, DNS, SMTP), Linux internals, and scripting languages (Python, Bash, PowerShell)
- Ability to perform source code reviews in C/C++, Java, C#, or Python for security flaws
- Strong communication skills — capable of presenting technical findings to both engineers and management
- High attention to detail, strong analytical thinking, and self-driven approach to testing complex environments
- Preferred Qualifications
- Certifications: CEH, OSCP, GPEN, GWAPT, OSWE, GREM, or equivalent
- Experience with secure development lifecycle (SDLC) integration and DevSecOps automation
- Familiarity with exploit development, fuzzing frameworks (boofuzz, Peach), or custom tools
Responsibilities
- Perform manual and automated penetration testing across web applications, firmware, and network appliances
- Identify, exploit, and document vulnerabilities across diverse layers — from web interfaces to embedded firmware and network protocols
- Conduct vulnerability scanning of SonicWall products, VMs, servers, and backend systems
- Execute firmware and binary analysis using tools such as IDA Pro, Ghidra, and binwalk to uncover low-level security flaws
- Perform web and API pen testing targeting OWASP Top 10 and emerging web vulnerabilities (e.g., SSRF, deserialization, logic flaws)
- Assess firmware update mechanisms, cryptographic implementations, and secure boot processes for tampering or privilege escalation risks
- Prepare detailed vulnerability reports including exploit paths, root cause analysis, and recommended remediations
- Collaborate closely with engineering, QA, and development teams to identify, validate, and mitigate vulnerabilities — ensuring SonicWall products meet the highest standards of security and resilience
- Support PSIRT investigations, including triage of internally discovered and externally reported vulnerabilities
- Contribute to tooling, automation, and scripts that enhance penetration testing efficiency and coverage
- Conduct independent research on novel web, network, and firmware vulnerabilities
- Develop internal methodologies and knowledge base for consistent test execution across product domains
Skills
Penetration Testing
Vulnerability Assessment
IDA Pro
Ghidra
binwalk
OWASP Top 10
Firmware Analysis
Binary Analysis
Web Application Testing
API Testing
Network Protocols
SonicWall
Provides cybersecurity solutions and services
About SonicWall
SonicWall provides advanced cybersecurity solutions to protect organizations from various cyber threats. Their product offerings include firewalls, secure remote access, email security, and advanced threat protection, all designed to safeguard networks, devices, and data from issues like ransomware, malware, and phishing attacks. SonicWall's products work by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules, ensuring that only safe data is allowed through. Unlike many competitors, SonicWall offers a comprehensive suite of security products along with subscription-based services that provide ongoing updates and support, which helps clients stay protected against evolving threats. The company's goal is to deliver essential security solutions to a diverse range of clients, including small to medium-sized businesses, enterprises, and government agencies, ensuring their safety in an increasingly digital world.
Milpitas, CaliforniaHeadquarters
1991Year Founded
$48MTotal Funding
ACQUISITIONCompany Stage
Consulting, CybersecurityIndustries
1,001-5,000Employees
Benefits
Remote Work Options
Hybrid Work Options
Risks
Recent vulnerabilities in SMA products could harm SonicWall's reputation.
Integration challenges with CrowdStrike may affect service delivery.
Competitive pressure on TZ80 solution could impact SonicWall's market share.
Differentiation
SonicWall offers a comprehensive suite of security products and services.
The company specializes in advanced threat protection for diverse clients.
SonicWall's solutions include firewalls, VPNs, and email security.
Upsides
Growing demand for AI-based threat detection boosts SonicWall's market potential.
Partnership with CrowdStrike enhances SonicWall's offerings for SMBs.
Expansion of 5G networks increases demand for SonicWall's network security products.
Related Jobs
RemoteRemoteSr. Vulnerability Management Engineer (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Analyst
Qualified.com$130,000 - $145,000/year
- Full Time
- Junior (1 to 2 years)
RemoteSenior Application Security Engineer
M&T BankSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteRed Teaming Domain Expert - AI Training (Contract)
HandshakeSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemotePrincipal Security Engineer
Eli Lilly and CompanySalary not specified
- Full Time
- Senior (5 to 8 years)