Offensive Security Engineer
Location: San Diego, California US
Requisition Number: 203521
Position Title: Engineer (II)
Teradata empowers companies to achieve high-impact business outcomes through analytics. With a powerful combination of Industry expertise and leading hybrid cloud technologies for data warehousing and big data analytics, Teradata unleashes the potential of great companies. Partnering with top companies around the world, Teradata helps improve customer experience, mitigate risk, drive product innovation, achieve operational excellence, transform finance, and optimize assets. Teradata is recognized by media and industry analysts as a future-focused company for its technological excellence, sustainability, ethics, and business value.
The Teradata culture isn’t just about one kind of person. So many individuals make up who we are, making us that much more unique. It’s what sets apart the dynamic, diverse and collaborative environment that is Teradata. But even as individuals, there’s one thing that we all share —our united goal of making Teradata and our people, the best we can be.
The offensive security group is the research and assurance arm of the Product Security Team. While the larger team provides security guidance to the product development teams, our group is tasked with assessing our products and services from an adversarial perspective. Through a variety of security assessments, we provide valuable assistance to Teradata in understanding what threats exist and what their realistic impact to our products and services can be. We encourage research projects and conference presentations to show Teradata is an industry leader in security. From application penetration tests to wide scope full scale adversary simulation, the offensive security group pushes boundaries to provide a safer and more secure environment for Teradata’s customers and employees alike.
As an Offensive Security Engineer, you will be a key contributor to all aspects of the Teradata offensive security program. Every day is different as we strive to identify security risks, automate repeatable tasks and processes, and support our product teams as they build secure, next-generation analytics toolsets. A participant in architecture and design meetings, your alternative perspective will ensure robust and hardened products. You will design and execute a variety of security assessments, including penetration tests and red team operations to explore and demonstrate potential threats while highlighting risk. As part of a small and diverse team of experts in their field you will be learning and growing on a daily basis. You will provide valuable insight to senior members of teams across Teradata, helping them to develop a security first mindset.
- Lead threat model reviews and provide alternative perspective on potential security concerns
- Conduct wide range of internal security assessments using architecture and threat model documents to identify and exploit product security flaws before public release
- Act as liaison between external penetration testing firms and internal product teams to ensure low friction, high value external engagements
- Assist product teams in remediation efforts by clarifying finding details and identifying best practice fixes or mitigations
- Participate in working groups to evaluate and refine secure development lifecycle strategies and procedures
- Evaluate existing automated security scanning tools, or develop when practical, to identify vulnerabilities in continuous test environment to eliminate potential of repeat findings over multiple tests
- Contribute to and support effort to build intellectual property via patents
- Design and present developer security education
- Conduct security assessments such as penetration tests and red team operations
- Write and present detailed reports with findings and remediation recommendations, for both technical and non-technical audiences
- Ability to communicate effectively with business representatives in explaining findings clearly and where necessary, in layman's terms
- In-depth knowledge of at least one technical area of expertise (e.g. Active Directory administration, web application development, network engineering, etc)
- Ability to automate tasks using a scripting language (Python, Ruby, etc)
- Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
- Understanding of common vulnerability projects (OWASP Top 10, SANS Top 20, etc)
- Ability to perform targeted penetration tests without use of automated tools
- Ability to read multiple programming and scripting languages
- Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work
- 1+ years in an offensive security position or 3+ years in security
- Penetration testing focused certification preferred (OSCP, GPEN, GXPN, GWAPT, EWPT, etc.)
CountryEEOText_Description: Teradata is an Equal Opportunity/Affirmative Action Employer and commits to hiring returning veterans.
City: San Diego
Community / Marketing Title: Offensive Security Engineer
Job Category: Engineering
With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.
We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.
Location_formattedLocationLong: San Diego, California US