Junior Penetration Tester

When you join Verizon

You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

What you’ll be doing...

The Enterprise Security Pen Testing team is a group of talented, creative thinkers who "act like the enemy" to focus on ensuring that network, Infrastructure, web applications, mobile applications and APIs are secure by performing ethical hacking and penetration testing on the defenses Verizon has (and some 3rd parties have) created for applications accessed from both inside and outside of Verizon. This team isn’t a "copy and paste from a scan tool" reporting team, or a cookie cutter just scanning with tools team, or a team that just monitors and supports security scanning tools used by developers. This team is an Enterprise recognized and supported group of skilled, experienced and certified ethical hacking Verizon employees who are trusted to direct themselves with a lot of unknowns. They also use their skills to support Verizon Incident Response.
 

Responsibilities include:

• Participating in application layer penetration testing of key, critical mobile applications, web applications and APIs, including the exploitation of security vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) and Unencrypted Authentication, methodologies, custom tests and tools to subvert the applications’ runtime or logical security controls to provide accurate assessments of Verizon’s application security posture across all LOBs and organizations.

• Participating in network and infrastructure layer penetration testing, including the exploitation of security vulnerabilities. 

• Creating security vulnerability reports for both technical and executive audiences.

• Identifying and documenting basic security gaps or vulnerabilities in applications, and processes, and advise relevant stakeholders on the appropriate course of action to strengthen Verizon’s application security posture, under the guidance of Sr Engineers.

• Monitoring and responding to user questions, requests and other messages via email or the slack help channels for Automated Scanning escalating to Sr. Engineers when necessary.

• Assisting in creating and maintaining process and user documentation. Outlining, organizing and reviewing KBs, methodologies, user instructions, etc. periodically to ensure usability and clear direction for team members and users.

• Assisting in the development of scripts, tools, or methodologies to enhance Verizon’s application pen testing teaming processes.

What we’re looking for...

You are excited to work with complex, mission-critical, high transaction, high availability environments. You’re great at working in teams and can use your interpersonal skills to get your point across. You are self-driven and motivated, with good communication and analytical skills. You’re a sought-after team member that thrives in a dynamic work environment. You will be working with multiple partners so networking and managing effective working relationships should be your top most priority. You have an understanding of industry trends in all areas of Information Security.
 

You’ll need to have:

• Bachelor’s degree or one or more years of relevant experience required, demonstrated through work experience and/or military experience.

• One or more years of relevant work experience.

Even better if you have one or more of the following:

• Knowledge of system and application security threats and vulnerabilities and secure configuration management techniques, software debugging principles, software design tools, methods, and techniques, software development models (e.g., Waterfall Model, Spiral Model).

• Knowledge of network security, network security vulnerabilities and exploitation techniques.

• Experience with system and application security threats and vulnerabilities and secure configuration management techniques, software debugging principles, software design tools, methods, and techniques, software development models (e.g., Waterfall Model, Spiral Model).

• Knowledge of secure coding techniques.

• Knowledge of AI Security, Vulnerabilities and exploitations.

• Knowledge of AI development to enhance security testing.

• Some experience with software related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, and simplicity/minimization).

• Knowledge of secure software deployment methodologies, tools, and practices.

• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

• Knowledge of security architecture concepts and enterprise architecture reference models.

• Knowledge in discerning the protection needs (i.e., security controls) of information systems and networks.

• Knowledge of integrating black box security testing tools into quality assurance process of software releases.

• Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

• Strong organization skills and demonstrated ability to manage multiple, often conflicting priorities to successful completion.

• Knowledge of the SDLC, continuous build systems and other software engineering methodologies/systems.

• INE certifications such as eWPT or eMPT, Security+, PenTesting+, OSCP, OSWA, GPEN, GCIH, GWAPT, or GXPN.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Scheduled Weekly Hours

Equal Employment Opportunity 

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

Benefits and Compensation

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan, stock incentive programs, up to 8 company paid holidays per year and up to 6 personal days per year, parental leave, adoption assistance and tuition assistance, plus other incentives, we’ve got you covered with our award-winning total rewards package. Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc. Newly hired employees receive up to 15 days of vacation per year, which grows with additional service. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.