Location: Myrtle Point,OR, USA
At Verint, we believe customer engagement is the core of every global brand. Our mission is to help organizations elevate Customer Experience (CX) and increase workforce productivity by delivering CX Automation. We hire innovators with the passion, creativity, and drive to answer constantly shifting market challenges and deliver impactful results for our customers. Our commitment to attracting and retaining a talented, diverse, and engaged team creates a collaborative environment that openly celebrates all cultures and affords personal and professional growth opportunities. Learn more at www.verint.com.
Overview of Job Function
The Verint Offensive Security team is seeking a highly skilled and motivated Sr. Offensive Security Specialist to join our team. Using your security expertise, you'll uncover security weaknesses within Verint applications by simulating the tactics, techniques, and procedures (TTPs) of real-world adversaries. This will involve utilizing both threat intelligence and collected telemetry to emulate cyber and criminal threat actors who may target Verint. Your analytic capabilities will be critical during security incidents to reduce uncertainty, uncover root causes, and inform future prevention and detection mechanisms.
Principal Duties and Essential Responsibilities:
* Conduct complex offensive security assessments across a variety of environments, including multi-cloud deployments and mobile applications.
* Develop scripts and tools to automate offensive security assessments
* Provide technical expertise in areas such as network protocols, operating systems, and web application security.
* Work closely with other members of the Verint security team to identify and mitigate security risks and vulnerabilities.
* Lead offensive security projects and mentor junior team members.
* Produce clear and concise reports testing plans, engagement models, findings, risks, and recommendations for remediation
* Keep up-to-date with the latest security threats, vulnerabilities, and attack methods.
* Act as the subject-matter expert and primary contact for stakeholder teams invested in offensive security programs and Verint-wide security initiatives
* Collaborate effectively with teammates, leading projects, mentoring others, and developing and championing quality standards within the team
Minimum Requirements:
* 5+ years' experience in offensive security or related field
* B.S. or M.S. Computer Science or related field, or equivalent experience
* Proven knowledge of web application security, including vulnerabilities such as OWASP Top10, MITRE ATT&CK and MITRE Atlas frameworks
* Experience with cloud computing platforms such as AWS, Azure, or Google Cloud Platform
* Knowledge of Python and SQL, and familiarity with other programming languages
* Ability to analyze and interpret application logs to identify and investigate potential security incidents
* Excellent written and verbal communication skills, including the ability to produce clear and concise reports
* Ability to think creatively and holistically about identifying risk in a complex environment
* Successful completion of a background screening process including, but not limited to, employment verifications, criminal search, OFAC, SS Verification, as well as credit and drug screening, where applicable and in accordance with federal and local regulations
Preferred Requirements
* Experience in conducting offensive security activities in the highly regulated environments
* An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors.
* Experience partnering with threat intelligence and incident response teams to perform log analysis, digital forensics, and incident response investigations
* Experience with engineering, data processing and analysis tools
* Familiarity with common open-source frameworks for big data processing and/or data science
* Experience with tactical threat intelligence and/or hunting for sophisticated threat actors in an enterprise environment
* Familiarity with network observability, security software, or data engineering solutions
#LI-BM1