Job Information
HEALTHEQUITY, INC. Principal Penetration Tester in DRAPER, Utah
Principal Penetration Tester Job Locations
US-Remote
Overview
We areCONNECTING HEALTH AND WEALTH.Come be part of remarkable.
How you can make a difference We are seeking a highly skilled Principal Penetration Tester to join our cybersecurity team. This role involves proactive identification and mitigation of vulnerabilities in our customer-facing SaaS applications. The ideal candidate will have extensive experience in penetration testing, particularly in web-based applications, and a strong understanding of offensive security techniques. What you'll be doing Lead Penetration Testing: Perform thorough penetration testing on applications, networks, systems, and infrastructure. Simulate real-world attacks to identify vulnerabilities and risks. * Security Assessments: Conduct risk assessments and vulnerability analysis, providing detailed reports that outline findings, severity, and remediation recommendations. * Red Team Engagements: Lead and participate in advanced Red Team exercises to test an organization's security readiness against sophisticated attacks. * Tool Development: Build, modify, and customize tools/scripts for specific penetration testing scenarios. * Reporting and Documentation: Generate comprehensive reports that explain the vulnerabilities found, their potential impact, and recommended remediation strategies. * Collaboration: Work closely with IT, development, and operations teams to communicate vulnerabilities and guide remediation efforts. * Research and Development: Stay up-to-date on the latest threats, vulnerabilities, and security technologies. Continuously research new attack techniques and defense strategies. * Mentorship: Mentor junior team members, providing guidance and sharing knowledge of best practices and cutting-edge techniques. Continue to formally document HealthEquity's layered security model and build out current and future state security models. * Foster a working environment that is conducive to two-way communication, teamwork and learning. What you will need to be successful * Proven experience in penetration testing, particularly on SaaS applications. * Familiarity with solutions like Burp Suite, Metasploit, and OWASP Top 10. * Strong understanding of web application security and common vulnerabilities. * Ability to think like an attacker and approach testing with a black box mentality. * Ability to chain multiple exploits together to demonstrate complex attack scenarios. * Excellent problem-solving skills and attention to detail. * Strong communication skills, with the ability to explain complex security issues to non-technical stakeholders. #LI-Remote This is a remote position.
Salary Range
$135,000.00 to $200,000.00/year