\nSynackโs Penetration Testing as a Service platform manages customersโ attack surfaces by discovering new assets, pentesting for critical vulnerabilities and gaining visibility into the root causes of security risks. We are committed to making the world more secure by harnessing a talented, vetted community of security researchers to deliver continuous penetration testing and vulnerability management, with actionable results. Synack's PTaaS platform has uncovered more than 71,000 exploitable vulnerabilities to date, protecting a growing list of Global 2000 customers and U.S. agencies in a FedRAMP Moderate Authorized environment. For more information, please visit www.synack.com.\n\nWe are looking for a talented penetration tester with experience in various types of offensive security engagements to help us establish and build a new team within Synack. Since the team is new and will start small, we are seeking candidates with a variety of skills who are looking to collaborate with one another and pick up things that they havenโt already mastered on the fly.\n\nPlease note: This is a remote position performing work for customers in the New York City area which requires occasional onsite work. For that reason, we are only considering candidates that are within commuting distance to New York City. We can only hire US Citizens for this role.\n\nSounds interesting? Keep reading...\n\nHereโs what you'll do\n\n\n* Perform web and host penetration tests both onsite and remote as needed\n\n* Participate in discussions with clients to learn about their environment and applications, learn about what they want tested, agree upon scope and Rules of Engagement, and organize test schedules\n\n* Create detailed technical reports describing how vulnerabilities were found, how you exploited them, and how they should be remediated\n\n* Produce executive summary reports that communicate business risk of the vulnerabilities that you identify and the importance of prioritizing remediation\n\n* Assist customers that have questions about remediation\n\n* Mentor junior penetration testers on and off of assessments\n\n* Travel to client sites up to two times per week to perform onsite assessments\n\n\n\n\nHereโs what youโll need\n\n\n* 4+ years of experience in offensive security\n\n\n* Willing to consider less experienced candidates with high technical aptitude\n\n\n\n\n\n* Experience scoping penetration testing engagements\n\n* Experience performing vulnerability assessments and identifying exploitable vulnerabilities\n\n* Proven ability of identifying OWASP Top 10 vulnerabilities and writing custom payloads to prove exploitation\n\n* Experience briefing engagement results to different customer levels\n\n* Experience classifying vulnerabilities using CVSS\n\n* Excellent written and verbal communication skills\n\n* Experience recommending remediation activities to address findings of a penetration test\n\n* Experience with various scripting languages, i.e. Bash, Batch, Python, PowerShell\n\n* Proven experience developing your own offensive tools (Link to your github)\n\n* At least one advanced industry certification, i.e. OSCP, OSWE, OSEP\n\nCandidates must be US citizens\n\n\n\n\nHere's what will make you stand out\n\n\n* Multiple advanced industry certifications\n\n* Experience performing Red Team and Purple Team exercises\n\n* Project Management experience\n\n* Experience coding in programming languages like C++, C, C#\n\n\n\n\nReady to join us?\n\nSynack is committed to embracing diversity. Our people are our strength. Each addition to our team is an opportunity to grow and diversify our ideas, experiences, and viewpoints. We strive to be inclusive of Race, Ethnicity, Religion, Sex, LGBTQ+, Veterans, Disabilities, and Age. Synack welcomes you!\n\nAs a candidate, Synack cares about your privacy. Please view our candidate privacy policy here.\nThis position has responsibility to ensure Synackโs security and privacy posture is maintained.\n\n$160,000 - $190,000 Salary is determined by a combination of factors including location, level, relevant experience, and skills. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. The compensation package for this position may also include equity, and benefits. \n\nFor more details about our benefits, please see here. Then for the Employer code, enter: synack \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Senior and Senior jobs that are similar:\n\n
$80,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nNew York City, New York, United States
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.