.Requisition ID: 59201**Location**:Tijuana, Mexico - States, MexicoFunction: Information TechnologyWork is no longer a place.
It's what you do.
And how you do it.
More fluid, more flexible, powered by your imagination and by some amazing technology!
That's where we come in.
We're Poly.
We're a global outfitter of pro-grade audio and video technology so that employees everywhere can look and sound their best from anywhere.
Join us as we pursue our disruptive vision to bring professional audio and video meeting technology and services to everyone.
Be a part of our journey!We are looking for a strong Penetration Tester, you will be working with the engineering team to perform vulnerability assessments and penetration tests against a broad range of Poly products and services and assist them in the interpretation and remediation of common software security weaknesses.
You will also work with QA, product/program management, and product compliance team supporting them throughout the software development life cycle (SDLC).
**Your day to day**- Conduct vulnerability assessments, attack surface analysis and penetration tests against Poly products and IT infrastructure- Raise defects/tickets for each vulnerability found- Drive defect closure to ensure they are fixed according to Poly's internal deadlines- If necessary, be able to create a working exploit to demonstrate the severity of the vulnerabilities- Help the extended security team respond to customer inquiries regarding product security- Coordinate with third-party penetration test vendors to assess the security of Poly products and services- Contribute to the development of information and product security policies, standards and guidelines related to product and cloud security- Conduct security research to stay abreast of emerging security threats and industry best practices and advise the organization of potential risks and threat mitigation techniques**What you bring to the team**- Experience with one more vulnerability scanners and penetration testing tools - Nexpose, Nessus, Qualys, BurpSuite, OWASP ZAP, Nmap, Metasploit- Scripting experience (bash, python )- Experience with common software security weaknesses (CWE) and their mitigations- Experience penetration testing both Azure and AWS environments- 5+ years of information security experience with an emphasis in penetration testing- Bachelor's degree in Computer Science or related field- Experience conducting security reviews on embedded systems or IoT devices- Experience conducting security code reviews (especially for Java)- Any other Offensive Security certifications- Embedded (Linux or Android) product development experience a plus- Experience with one or more data security standards: Common Criteria, FIPS, ISO, PCI, HIPAA, FISMA, etc.
**Our Culture**At Poly, leadership principles aren't just something we talk about, they're something we live and breathe