Senior Security Engineer - Penetration Testing

$83,430 - $222,480/Yr

CVS Health - Washington, DC

posted 25 days ago

Full-time - Mid Level
Washington, DC
Health and Personal Care Retailers

About the position

As a member of the enterprise penetration testing team within the Cyber Defense function at CVS Health, this role is responsible for conducting application and infrastructure penetration tests to enhance the security of application and network assets. The position emphasizes the importance of human-centric health care and aims to innovate and deliver solutions that make health care more personal, convenient, and affordable.

Responsibilities

  • Conduct advanced penetration tests on web applications, mobile applications, network infrastructure, and cloud environments.
  • Assist in scoping, executing, and peer reviewing penetration testing engagements.
  • Understand and safely use various penetration testing tools, emulating hacker tactics when appropriate.
  • Develop scripts, tools, or methodologies to enhance CVS's penetration testing processes.
  • Create comprehensive and accurate reports and presentations for various stakeholders.
  • Stay updated with the latest cybersecurity threats, vulnerabilities, and trends.
  • Collaborate with other Cyber Defense teams to improve detection capabilities.

Requirements

  • 5+ years of overall experience with at least 3 years of hands-on experience in penetration testing applications and networks.
  • One or more offensive security certifications such as OSCP, OSCE, OSWE, GMOB, GPEN or equivalent.
  • Experience with cloud environments (GCP, Azure, AWS), web and mobile applications.
  • Deep understanding of network protocols, operating systems, and application technologies.
  • Strong knowledge of tools used for wireless, web application, and network security testing.
  • Good understanding of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell scripting.
  • Demonstrated ability to work independently or as part of a team.
  • Ability to document and explain technical details to both technical and non-technical stakeholders.

Nice-to-haves

  • In-depth penetration testing of iOS and Android mobile applications.
  • Background in software development, system, and network administration.
  • Strong understanding of enterprise architecture and authentication mechanisms.
  • Good understanding of methods to secure microservices and APIs.
  • Advanced knowledge of penetration testing methodologies, tools, and frameworks such as Kali, Metasploit, Burp, Frida, and others.

Benefits

  • Medical, dental, and vision benefits.
  • 401(k) retirement savings plan.
  • Employee Stock Purchase Plan.
  • Fully-paid term life insurance plan.
  • Short-term and long-term disability benefits.
  • Well-being programs and education assistance.
  • Free development courses.
  • CVS store discount and discount programs with participating partners.
  • Paid Time Off (PTO) and paid holidays.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service