Cyber Penetration Tester III

Our team members are the key to our company’s success, and their health and well-being, as well as that of their families, is very important to us. We offer a comprehensive benefits package that allows our team members stay healthy, plan for their future and maintain a healthy work-life balance. Benefits may vary with employment status. To see our fill list of Team Member Benefits please visit our career site: www.gotoworkhappy.com/benefits Job Description: SHRSS is seeking a highly motivated and skilled Senior Penetration Tester. This role will be responsible for performing application and infrastructure penetration tests, CVE research, and control and exploit validation. This individual will also actively collaborate with Vulnerability Management and remediation stakeholders to provide SME support. Our team is growing and we’re looking for somebody with the mindset to help our programs continue to evolve. RESPONSIBILITIES Act as the SME and technical lead for all penetration testing engagements. Perform hands-on penetration testing and vulnerability assessments on web, mobile and API applications, as well as infrastructure assets. Assist in the coordination activities with third-party penetration testing engagements. Develop and maintain security testing plans and methodologies. Carefully document and report the outcome of all penetration tests. Produce actionable, threat-based, reports on security testing results. Provide SME support and remediation guidance to the vulnerability team and remediation stakeholders. Evaluate the current program and contribute to process discussions. QUALIFICATIONS Basic: 3-5 years of experience in application and/or infrastructure penetration testing. Strong grasp of the OWASP Top 10 and emerging attack vectors. Strong grasp of CVSS Scoring versions 2, 3 or 3.1. Previous CVE research experience. Working knowledge of Windows, Unix/Linux, Mac OS X, Android, iOS, etc. Strong verbal and written communication skills. Strong collaboration skills. Preferred: Bachelor’s degree or higher in information security, equivalent demonstrated work experience and industry standard certifications. Prior experience working on a Penetration Testing Team. Information security certifications (e.g. OSCP, OSWA, GPEN, GWAPT, eCPPT, eWPT, CEH, CISSP). Software development experience in one or more programming languages (e.g., Java, C#, C++, Python, PowerShell, JavaScript). Cloud security experience in one or more of the following (AWS, GCP or Azure). Experience in the Casino Gaming industry. Thank you for choosing us as your employer of choice! If you are ready for an exciting opportunity working in a creative environment where you can bring your authentic self to work, we want to connect with you! If you're unable to find a position that matches your interest, please tell us a little about yourself, and we'll recommend jobs that match your interests. Be Iconic represents the roots of our culture. The Seminole Tribe of Florida remains the only unconquered tribe in the United States of America. The Tribe established Seminole Gaming in 1979, when it opened the first high-stakes bingo hall in the United States. Building on its rich heritage of courageous and groundbreaking achievements, the Seminole Tribe of Florida acquired Hard Rock International in March 2007—the first transaction of its kind by a Native American tribe. Today, Hard Rock International remains one of the most globally recognized companies in the world, with Hard Rock Hotel, Casino, Cafe and Rock Shop® venues in over 74 countries. With the continued growth of Seminole Gaming and Hard Rock International, Seminole Hard Rock Support Services was created to support all of our brands and lines of business. With the largest global footprint in the hospitality industry for over 50 years, our number-one job is to bring fun and excitement to our team members and our guests! Apply tot his job Apply To this Job