Procter & Gamble Senior Penetration Tester / Red Team in Cincinnati, Ohio
Procter & Gamble is seeking a highly skilled Senior Penetration Tester to join our offensive security team and find security vulnerabilities before others do.
This role works in a broad P&G environment, with a key focus of mission-critical applications and infrastructure. It is a unique opportunity to be immersed in the global IT ecosystem of a Fortune 500 company, and work on vulnerabilities that would never be found in short-term penetration testing engagements. The role requires deep security knowledge and an ability to continuously learn.
Penetration Testers in this role must have skills and experience in Web Application and Infrastructure testing. Candidates will be preferred if they additionally have experience performing red team assessments, mobile or hardware testing. Strong leadership skills are required to assist and mentor other offensive security team members. In this position, you will partner with other Cyber Defense Teams to achieve the shared vision of enhancing P&G’s cyber security posture.
Perform manual penetration tests of websites, services, infrastructure, networks, IoT Devices, and mobile applications to discover and exploit vulnerabilities.
Provide technical leadership and advice to junior team members on attack and penetration test engagements.
Clearly document and communicate findings and remediation recommendations to the application/service owners.
Investigate findings from our Bug Bounty program.
Partner with Cyber Defense Protect, Detect and Respond teams to operationalize new protect, detect and response concepts and processes.
Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical/IT field and/or at least 5+ years of relevant experience.
Strong analytical skills, able to leverage complex data to identify opportunities, recognize problems, and draw logical conclusions.
Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc.
Experience with manual attack and penetration testing.
Familiarity with multiple operating systems, minimally Windows and Linux.
Understanding of network architecture, or how networks operate in general.
Willingness to obtain the Certified Information System Security Professional (CISSP) certification within 1 year. Additionally, willingness to obtain within 15 months, at least 1 other ethical hacking related certification. P&G provides study preparation and exam cost coverage.
Masters degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical/IT field
Certifications: OSCP, OSCE, OSWE, GPEN, GXPN, GWAPT.
Understanding of web-based security vulnerabilities, ability to identify and exploit them (e.g. XSS, CSRF, SQLi, session management issues, etc.).
Prior experience in web development.
Experience in CTF competitions or Bug Bounty programs.
Experience in mobile (iOS/Android) application development/assessment.
Experience in Internet of Things (IoT) security and exploitation.
Ability to provide customer-facing support in a professional manner.
The Value of a P&G Career
Ongoing coaching and career development – you will work with passionate people and have access to best in class training through our P&G Leadership Academy as well as day-to-day mentoring from your manager.
We provide a market-competitive salary benchmarked against the finest companies, so you'll be able to spend your generous vacation time doing more of the things you love with the people you love.
We offer a suite of benefits, including but not limited to: flexible working arrangements, remote working options, generous paid vacation increasing with service, generous parental leave policies, group life insurance, health insurance, and dedicated support to help you find the right child care or elder care.
Additional perks include discounted P&G products from our company shops and a discount platform offering you unbeatable savings on everything from groceries to exotic holidays.
What's more, your financial package might include things like interest-free loans, a tax-advantageous share purchase plan, a contributory pension plan, and financial education and advisement on topics including purchasing real estate and generating wealth.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, disability status, age, sexual orientation, gender identity and expression, marital status, citizenship, HIV/AIDS status or any other legally protected factor.
Immigration sponsorship is not available for this role. As a general matter, Procter & Gamble does not sponsor candidates for nonimmigrant visas or permanent residency. However, Procter & Gamble may make exceptions on a discretionary basis. Any exceptions would be based on the Company's specific business needs at the time and place of recruitment as well as the particular qualifications of the individual.
Procter & Gamble participates in e-verify as required by law.
Qualified individuals will not be disadvantaged based on being unemployed.
Experienced Professionals (Job Segmentation)
Procter & Gamble
- Procter & Gamble Jobs