Senior Cybersecurity Specialist - Penetration Tester

Newell Brands - Sandy Springs, GA

posted 3 months ago

Full-time - Mid Level
Sandy Springs, GA
10,001+ employees
Miscellaneous Manufacturing

About the position

Newell Brands is seeking an experienced Senior Cybersecurity Specialist with a focus on Penetration Testing to establish, lead, execute, and mature penetration testing initiatives across its global functions. This role is pivotal in building a penetration testing capability from the ground up within the organization. The successful candidate will be responsible for leading penetration testing activities and red team exercises aimed at evaluating technical controls and proactively protecting Newell's information assets from unauthorized access, inappropriate use, data disclosure, and business disruptions. The position requires a comprehensive approach to identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities. The Senior Cybersecurity Specialist will work closely with IT and business units, engaging regularly with internal and external auditors, as well as Legal, Privacy, and Ethics teams. This collaborative environment will ensure that security measures align with organizational strategies and compliance with regulatory requirements. In this role, the candidate will design and execute various testing and simulations, including penetration tests, technical controls assessments, and resiliency simulations. They will also contribute to the development and refinement of assessment methodologies, tools, and frameworks. The position demands a deep understanding of Newell Brands' environment to perform targeted testing based on current and anticipated threat profiles. Additionally, the specialist will evaluate technology controls for effectiveness, analyze operational IT processes, and develop comprehensive reports and presentations for both technical and executive audiences, influencing business strategies by articulating technical risks associated with key solutions and technology implementations.

Responsibilities

  • Design, lead, and execute testing and simulations such as penetration tests, technical controls assessments, red team exercises, or resiliency simulations.
  • Contribute to the development and refinement of assessment methodologies, tools, and frameworks to ensure alignment with organizational strategy and compliance with regulatory requirements.
  • Develop an understanding of Newell Brands' environment and perform targeted testing based on the current and forward-looking threat profile.
  • Evaluate technology controls for effectiveness and impact on operational risk, analyzing operational IT processes and workflows to identify systemic risk issues.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences, influencing technical and business strategies by articulating technical risk associated with key business solutions and technology implementations.
  • Develop exploits and customized proof of concepts for diverse targets and tech stacks, utilizing advanced tools and scripts for penetration testing and exploiting vulnerabilities.
  • Keep current on industry security testing best practices and industry security risk, mentoring and sharing knowledge with other security practitioners.
  • Participate in remediation efforts through cross-functional working teams and across business units, providing both prioritization advice and remediation guidance to IT owners and technology stakeholders.

Requirements

  • Degree in Information Security, Computer Science, Information Management Systems, or a related field.
  • 2-3 years' experience as a penetration tester or in a red team related role.
  • Experience in scripting or task automation using Perl, Python, PowerShell, Bash, or Ruby.
  • Experience developing, extending, or modifying exploits, shellcode, or exploit tools.
  • Advanced knowledge of operating system and database security (Windows, Unix, Linux, SQL, and Oracle).
  • Experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols.
  • Hands-on working experience with commercial and open-source network and application security testing tools.
  • Ability to communicate technical information in understandable business terms; transform technical concepts into usable documented material for non-technical users.

Nice-to-haves

  • Information security related industry certification preferred (OSCP, Pentest+, GPEN, CEH).
  • 3+ years' experience as a penetration tester or in a red team related role.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service