Offensive Privacy Tester

Posted on Sep 20, 2024 by Velocity Staff
Leawood, KS
Other
Immediate Start
Annual Salary
Full-Time
Overview:

We are looking for an experienced Offensive Privacy Engineer. In this role, you will conduct offensive privacy testing and identify vulnerabilities and/or misconfigurations to enhance the security and privacy of our systems and applications. Your efforts will ensure the protection of our users' data against potential threats, ensure compliance with applicable laws, regulations and commitments, and reduce attack paths within the USDS environment.

Responsibilities:

• Lead comprehensive privacy-focused penetration tests and/or emulate adversary-like behavior/operations on our infrastructure, application, products and services.

• Perform deep technical, hands-on offensive privacy testing to identify and exploit privacy and security weaknesses.

• Contribute to the creation of a testing framework to methodically test safeguards being designed and implemented.

• Design and execute advanced testing methodologies specifically targeting privacy vulnerabilities.

• Develop detailed reports on findings, including actionable remediation recommendations.

• Work closely with XFN teams to address and remediate identified vulnerabilities.

• Communicate findings effectively to technical and non-technical stakeholders.

• Advocate for best practices in privacy and data protection, ensuring compliance with relevant privacy regulations (e.g., GDPR, CCPA).

• Stay updated on the latest privacy threats and integrate new findings into the testing program.

• Build and implement security testing tools and technologies to enhance privacy testing capabilities and promote automation.

• Continuously improve team processes and methodologies for better testing outcomes.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field. Advanced degrees or equivalent professional experience are preferred.

• 4+ years of experience in offensive security testing, with a strong focus on privacy vulnerabilities.

• Proven experience in penetration testing, red teaming, and vulnerability assessments, particularly in privacy contexts.

• Relevant security certifications such as OSCP, OSEP, OSWA, OSWE, OWSE, OSED, GPEN, GXPN, GWAPT, GMOB, BSCP etc.

• Hands-on technical experience in web, mobile and infrastructure penetration testing with tools like Burp Suite Pro, SQLMap, Frida, Objection, Android Studio, Xcode, MobSF, Drozer.

• Experience with conducting reverse engineering on mobile applications, including applications with anti-emulator and obfuscation protections.

• Familiarity and experience working with frameworks like MITRE ATT&CK/D3FEND, NIST, CCPA, COPPA, OECS, ISO etc.

• Proven hands-on experience with programming and scripting languages (e.g., C/C++, C#, Python, Golang, JS).

Preferred Qualifications:

• Experience with automation, big data and relational databases.

• Contributions to the privacy or security community through research, publications, or participation in bug bounty programs.

• Relevant industry certifications (e.g., CIPP, CIPT, CIPM).



Reference: 202041812

https://jobs.careeraddict.com/post/95481001
