Offensive Security Engineer
Location: San Diego, California US
Requisition Number: 207069
Position Title: Offensive Security Engineer (I)
The Offensive Security Team at Teradata drives security improvement through research and education. Teradata offensive assessments range from application penetration tests and research projects to wide scope full-scale adversary simulation. These exercises are supplemented with demonstrations, reports, training, and automated tool development to assist engineering and operation teams in creating safer environments for Teradata's customers and employees.
As an Offensive Security Engineer, you will be a key contributor to all aspects of the Teradata offensive security program. Every day is different as we strive to identify security risks, develop tools, and create training based on findings. As a participant in architecture and design meetings, your alternative perspective will ensure robust and hardened products and infrastructure. You will design and execute a variety of security assessments, including penetration tests and red team operations to explore and demonstrate potential threats while highlighting risk. As part of a small and diverse team of experts in their field, you will be learning and growing on a daily basis. You will provide valuable insight to senior members of teams across Teradata, helping them to develop a security-first mindset.
- Conduct a wide range of offensive security assessments (White, Grey, Black Box), utilizing architecture diagrams, threat models, and code repositories to identify and exploit security flaws
- Write and present detailed reports with findings and remediation recommendations, for both technical and non-technical audiences
- Assist teams in remediation efforts by clarifying finding details and identifying best practice fixes or mitigations
- Design and present developer security education
- Evaluate existing automated security tools, or develop when practical, to assist in identifying and exploiting activities
- Participate in working groups to evaluate and refine secure lifecycle strategies and procedures
- Contribute to and support the effort to build intellectual property via patents
- Ability to communicate effectively with business representatives in explaining findings clearly and where necessary, in non-technical terms
- In-depth knowledge of at least one technical area of expertise (e.g. Active Directory administration, web application development, network engineering, etc)
- Ability to automate tasks using a scripting language (Python, Ruby, etc)
- Familiarity with common reconnaissance, exploitation, and post-exploitation frameworks
- Understanding of common vulnerability projects (OWASP Top 10, SANS Top 20, etc)
- Ability to perform targeted penetration tests without the use of automated tools
- Ability to read multiple programming and scripting languages
- Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work
- 1+ years in an offensive security position or 0-3 years in information security
- Penetration testing focused certification preferred (OSCP, GPEN, GXPN, GWAPT, EWPT, etc)
CountryEEOText_Description: Teradata invites all identities and backgrounds in the workplace. We work with deliberation and intent to ensure we are cultivating collaboration and inclusivity across our global organization. We are proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, color, ancestry, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related conditions), national origin, sexual orientation, age, citizenship, marital status, disability, medical condition, genetic information, gender identity or expression, military and veteran status, or any other legally protected status.
City: San Diego
Community / Marketing Title: Offensive Security Engineer
Job Category: IT
With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.
We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.
Location_formattedLocationLong: San Diego, California US