Job Details

Mobile and Web Application Penetration Tester (REMOTE)

Advertiser
GEICO
Location
Chevy Chase, Maryland, United States
Rate
-

Use data to make strategic decisions.

GEICO Technology Solutions Cyber Security is seeking a Mobile and Web Penetration tester for its new Cyber Adversary Simulation and Red team. This dedicated team will perform penetration testing against web applications, our networks, and data stores. Additionally, they will employ social engineering to identify weaknesses in business processes and policies. In creating its test plans, the team will coordinate with application architecture teams, Underwriting Fraud, Claims Fraud, Cyber Threat Intelligence, and other teams to ensure alignment. It will also deliver a continuous view into corporate hygiene and attack surface through the use of breach and attack automation tools. Finally, it will provide metrics tracking testing coverage (visibility), time to remediate issues, and detection efficacy to show gaps and improvement opportunities.

Responsibilities Include:

Conduct Web application, API, and Mobile Application penetration testing

Performing sophisticated adversary simulation operations against GEICO's systems to identify gaps in prevention, detection, and/or response

Research, develop, and apply TTPs of relevant threat actors to simulations

Provide subject matter expertise on offensive security

Leverage threat intelligence to hunt for indicators of compromise and vulnerabilities

Managing and improving breach and attack simulation tools

Collaboration with enterprise defenders to improve detection and response

Creating and following rules of engagement

Ideal Candidates Can:

Write penetration testing reports on time, with extensive evidence, and excellent grammar

Think like an adversary and like a defender

Fully understand and apply TTPs, MITRE ATT&CK, and MITRE Pre-ATT&CK to report writings and presentations

Plan an attack from reconnaissance to initial access to mission target and finally to successful exfiltration/egress

Experience with scripting and editing existing code and programming, including Perl, Python, Ruby, Bash, C/C , C#, or Java

Use automation and scripting languages

Read and write relevant programming languages

Experience rooting or jailbreaking mobile devices.

Experience with LTE and GSM protocols

Working knowledge of Frida or Radare2

Experience conducting security assessments on IoT platforms

Familiar with iOS or Android operating systems

Experience performing network and application penetration testing

in-depth understanding of enterprise networks and security defenses

Understanding of network protocols, nix, and Windows operating system functionality

Strong knowledge of cybersecurity tooling and technology

Experience or strong understanding of cloud concepts and platforms

Benefits:

At GEICO, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being. GEICO continually seeks to provide a workplace where everyone can be their authentic self. To help achieve this goal, we support associate-led Employee Resource Groups that foster a true sense of community. Through GEICO's competitive benefits offerings and various training and development opportunities, we have you covered with our Total Rewards Program that includes:

  • Premier Medical, Dental and Vision Insurance with no waiting period
  • Paid Vacation, Sick and Parental Leave
  • 401(k) Plan
  • Tuition Reimbursement
  • Paid Training and Licensures

Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.

Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire coverage to take effect.

GEICO is proud to be an equal opportunity employer. We are committed to cultivating an environment where equal employment opportunities are available to all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO celebrates diversity and believes it is critical to our success. As such, we are committed to recruit, develop and retain the most talented individuals to join our team.

Send Application

Mail this job to me so I can apply later

Apply With CV

You are not logged in. If you have an account, log in to your account. If you do not have an account, why not sign up? It only takes a minute!