Security Engineer Red Team

Veeva Systems Columbus , OH 43216

Posted 3 months ago

At Veeva, we build enterprise cloud technology that powers the biggest names in the pharmaceutical, biotech, consumer goods, chemical & cosmetics industries. Our customers make vaccines, life-saving medicines, and life-enhancing products that make a difference in everyday lives. Our technology has transformed these industries; enabling them to get critical products and services to market faster. Our core values, Do the Right Thing, Customer Success, Employee Success, and Speed, guide us as we make our customers more efficient and effective in everything they do.

The Role

Job Summary

Veeva's Security Engineering Team is seeking Red Teamers to help keep Veeva secure and safe from attackers. Our team in Columbus is growing, and we want you to join us!

This role has a broad scope, ranging from attacking Veeva's AWS services, infrastructure and processes, discovering weaknesses in Veeva's architecture, and working with various platform teams, third party testers and researchers to sharpers our detective and preventative capabilities. This role presents an ultimate test of one's security knowledge and ability, along with the support of a team of highly skilled individuals.

What You'll Do

  • A Security Engineer at Veeva is expected to be strong in multiple domains. Engineers in this role work closely with teams throughout Security, such as the Threat Intelligence, Application Security and Security Operations teams, as well as provide technical leadership and advice to teams and leaders throughout Veeva. You will be in direct contact with numerous teams in a variety of business platforms, giving you firsthand knowledge about how Veeva is built and how it operates at a deep, technical level. Additionally, you will leverage the knowledge you gain about Veeva to find new ways to break software and processes throughout the company.

  • Engineers in this role must show exemplary judgment in making technical trade-offs between short-term fixes and long-term security and business goals. They must also demonstrate resilience and navigate difficult situations with composure and tact. Individuals in this role will be expected to provide thought leadership for the organization as you discover, invent and innovate throughout the course of their duties. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Veeva and its customers secure.

  • Participate in Red Team engagements throughout Veeva with few limits and restrictions.

  • Conduct full cycle engagements with business units independently, or as part of a team.

  • Perform manual examination of client systems, web sites and networks to discover weaknesses.

  • Thoroughly document exploit chain/proof of concept scenarios for client consumption.

  • Communicate findings and discoveries to prioritize and execute remediation plans.

  • Coordinate find remediation from third party penetration testers

  • Review and validate findings from Veeva's bug bounty program

  • Maintain AWS VPC and related testing systems for our third-party testers and bug bounty programs

Requirements

  • BS in Computer Science or related field, or equivalent work experience

  • 2+ years in an Information Security role, preferably in red teaming, penetration testing, reverse engineering, incident response or vulnerability management

  • Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security

  • Experience with interpreted or compiled languages: Python, Ruby, Perl, PHP, C/C++, Java, C#

  • Experience with cloud service providers and their offerings, preferably AWS and its various technologies and APIs

  • Experience with various testing tools, such as Netspaker, Kali Linux, Metasploit, Nmap, Nessus, Burp Suite, etc.

  • Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement

  • Experience with Redhat, AWS Linux, AWS Linux 2, Windows Server 2008, 2012, 2016 and 2019 etc.

  • Understanding of one or more standards: OSWAP Top 10, SANS Top 20, NIST 800-53, CIS, CSC or other security standards

Nice To Have

  • Industry penetration certifications such as OSCP, GPEN, GXPN, GWAPT etc

  • Industry security certifications such as CISSP, CEH or others

  • Experience in conducting social engineering focused assessments

  • Experience in CTF competitions, CVE research and/or Bug Bounty recognition

  • Knowledge of the MITRE ATT&CK Framework

  • Experience in Web and Mobile (Android/iOS) based application/service assessment

  • Experience in Wireless and Network assessment in enterprise infrastructure

  • Experience in reverse engineering and associated tooling such as IDA

  • Experience in Advanced Persistent Threat exploits

  • Experience with Web Application Firewalls (WAF), IDS/IPS or other security platforms

  • Knowledge of fuzzing, memory corruption and exploit development

  • Knowledge about hardware hacking

  • Intermediate to advanced communication and presentation skills

  • Experience providing training and mentorship

  • Demonstrable teamwork skills and resourcefulness

  • Ability to make concrete progress in the face of ambiguity and imperfect knowledge

Veeva's headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.

Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Development Director Go Red For Women

American Heart Association

Posted 4 days ago

VIEW JOBS 8/22/2019 12:00:00 AM 2019-11-20T00:00 Overview Are you ready to join an organization where you can make an extraordinary impact every day? Imagine all Americans enjoying ideal cardiovascular health free of heart disease and stroke. At the American Heart Association and American Stroke Association, we get to work toward that goal every day. Is it easy? No. Is it worthwhile? Absolutely. This is satisfying and challenging work that makes a real difference in people's lives. We are where you can achieve professional growth with personal fulfillment. We are where you can connect people to making a lifesaving impact. We are where you can partner with individuals, schools, lawmakers, healthcare providers and others to ensure everyone has access to healthier lifestyle choices and proper healthcare. The American Heart Association is where you can make an extraordinary impact. Responsibilities We have an excellent opportunity for a Development Director, Go Red For Women (sales/fundraising) in our Columbus, OH office. Reporting to the Sr. Director, the Director is responsible for event implementation through event chair recruitment, solicitation of sponsorships, individual giving, executive leadership volunteer committee recruitment, auction production and overall event coordination. Essential Job Duties: * Achievement of the Go Red For Women event financial goal(s) * Serves as staff lead for STEM Goes Red event, which includes securing corporate sponsorships * Oversees additional c-suite volunteer & donor cultivation events * Conducts revenue generation-focused meetings/calls daily and appropriately document scheduled appointments and results * Develops and cultivate mutually satisfying relationships with corporations and top-level donors by utilizing consultative approach to match donor interests with AHA mission and priorities * Leads volunteer recruitment and engagement. Ensuring the right profile event and executive leadership team chairpersons and other volunteers are recruited and provided effective orientation, training and development and activation * Delegates to Administrative Associate who is responsible for event logistics including, but not limited to, event promotions, entertainment, live and silent auctions. * Plans, executes, monitors and evaluates event and related year-round activities. Qualifications Want to help get your resume to the top? Take a look at the experience we require: * Bachelor's degree or equivalent experience * At least two years of experience with a non-profit organization in a fund-raising position, or two years proven success in marketing, sales, event planning, fundraising or new business development. * Demonstrated skills in negotiation and motivation * Proven outside sales experience, business-to-business experience preferred * Knowledge and skills in fund raising principles, practices and techniques * Ability to recruit, train, counsel, and manage volunteer groups and to develop long range organizational goals and follow through with them * Ability to work in a team atmosphere, but also to work independently * Ability to apply sound judgment and problem-solving skills to conflicts * Ability to work in a fast-paced environment * Applied knowledge and intermediate skills in windows applications such as Word, Excel and Outlook * Demonstrated skills in written and oral communication including large and small group presentations, group facilitation, and training, ability to speak publicly * Ability and willingness to travel and to work evenings and weekends on occasion Click on "Apply for this job online" to submit your online application or "Log back in!" if you are a returning applicant. Only those candidates deemed most qualified by the hiring manager will be contacted to interview. At American Heart Association | American Stroke Association, diversity, inclusion, and equal opportunity applies to both our workforce and the communities we serve as it relates to heart health and stroke prevention. This position not a match with your skills? Click here to see other opportunities with the American Heart Association Be sure to follow us on Twitter to see what it is like to work for the American Heart Association and why so many people enjoy #TheAHALife EOE Minorities/Females/Protected Veterans/Persons with Disabilities American Heart Association Columbus OH

Security Engineer Red Team

Veeva Systems