USA
10 hours ago
Security Testing Director
The Proactive Security Testing practice, formerly Gotham Digital Science (GDS), is looking for a motivated individual with natural leadership abilities to provide guidance to its best-in-class team of penetration testers. We want technical people leading technical people. We are looking for an individual that can use their previous penetration testing experience. Work with multiple teams to help win and be responsible for the delivery of client engagements. Mentor junior penetration testers! What the day will look like Assist with managing several large enterprise client accounts. Collaborate with internal Business Development teams to understand and define penetration testing needs of new prospective customers. Create statement of work / proposals for clients that define scope of work, duration, deliverables, and pricing. Coordinate technical delivery of closed won engagements across a variety of disciplines including web application, security code review, mobile security, external/internal network security, social engineering, and red team engagements. Work with penetration testers to ensure execution of scope and thorough coverage. Provide quality assurance and technical review of client work and internal documentation. Work alongside various internal teams (e.g., operations, finance, delivery, technical) to ensure overall success of client engagement. Mentor junior security testing team members, including internal career development/planning and promotion paths. Assist with business operations including service line development and process improvements. Skills and Experience that will lead to success. + 2+ years of experience with business development, scoping, and client/project management + 5+ years of prior experience with penetration testing against web applications and/or external/internal network infrastructure-running automated beyond tools + Ability to quickly understand a client’s business and their associated cases to effectively articulate a security strategy aligned to their organization. + Experience writing technical reports, as well as performing quality assurance and technical review. + Familiarity with application layer assessment tools, such as Burp Suite and other fuzzers/proxies, and/or nmap, Nessus, etc. + Understanding of Unix, Windows, and basic networking + Ability to work remotely as part of a distributed team and travel to client sites only in rare circumstances --- **Current travel is HIGHLY limited. + Strong organizational skills with the ability to prioritize tasks and lead time efficiently. Superb communication in English (both written and oral); able to concisely communicate security risks to both technical and business audiences. The following skills are not required from applicants but would be considered a plus: + Reputable security certifications, including but not limited to: OSCP, OSCE, OSWE, OSEE, OSWP, GPEN, GXPN, CMWAPT + Experience working at a reputable penetration testing company. + Engaged in industry thought leadership activities, such as conference talks and/or published research via whitepapers, security blogs, etc. + Experience leading a team focused on software development, network administration or security assessments. + Experience developing custom scripts or tools used for vulnerability scanning and identification. + Development and/or source code review experience in Java, C#, C/C++, PHP, Ruby, Python, Go, Swift, Objective C/C++, Kotlin, etc. How we support our colleagues In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognize that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace. Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction record in accordance with local Fair Chance ordinances. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. Pay Transparency Laws: The salary range for this position (intended for U.S. applicants) is $160,000 - $180,000 annually. The actual salary will vary based on applicant’s education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on applicant’s geographic location. This position is eligible to participate in one of Aon’s annual incentive plans to receive an annual discretionary bonus in addition to base salary. The amount of any bonus varies and is subject to the terms and conditions of the applicable incentive plan. Aon offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at Aon’s discretion; medical, dental and vision insurance, various types of leaves of absence, paid time off, including 12 paid holidays throughout the calendar year, 15 days of paid vacation per year, paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies. #LI-KH1 2553262 The Proactive Security Testing practice, formerly Gotham Digital Science (GDS), is looking for a motivated individual with natural leadership abilities to provide guidance to its best-in-class team of penetration testers. We want technical people leading technical people. We are looking for an individual that can use their previous penetration testing experience. Work with multiple teams to help win and be responsible for the delivery of client engagements. Mentor junior penetration testers! What the day will look like Assist with managing several large enterprise client accounts. Collaborate with internal Business Development teams to understand and define penetration testing needs of new prospective customers. Create statement of work / proposals for clients that define scope of work, duration, deliverables, and pricing. Coordinate technical delivery of closed won engagements across a variety of disciplines including web application, security code review, mobile security, external/internal network security, social engineering, and red team engagements. Work with penetration testers to ensure execution of scope and thorough coverage. Provide quality assurance and technical review of client work and internal documentation. Work alongside various internal teams (e.g., operations, finance, delivery, technical) to ensure overall success of client engagement. Mentor junior security testing team members, including internal career development/planning and promotion paths. Assist with business operations including service line development and process improvements. Skills and Experience that will lead to success. + 2+ years of experience with business development, scoping, and client/project management + 5+ years of prior experience with penetration testing against web applications and/or external/internal network infrastructure-running automated beyond tools + Ability to quickly understand a client’s business and their associated cases to effectively articulate a security strategy aligned to their organization. + Experience writing technical reports, as well as performing quality assurance and technical review. + Familiarity with application layer assessment tools, such as Burp Suite and other fuzzers/proxies, and/or nmap, Nessus, etc. + Understanding of Unix, Windows, and basic networking + Ability to work remotely as part of a distributed team and travel to client sites only in rare circumstances --- **Current travel is HIGHLY limited. + Strong organizational skills with the ability to prioritize tasks and lead time efficiently. Superb communication in English (both written and oral); able to concisely communicate security risks to both technical and business audiences. The following skills are not required from applicants but would be considered a plus: + Reputable security certifications, including but not limited to: OSCP, OSCE, OSWE, OSEE, OSWP, GPEN, GXPN, CMWAPT + Experience working at a reputable penetration testing company. + Engaged in industry thought leadership activities, such as conference talks and/or published research via whitepapers, security blogs, etc. + Experience leading a team focused on software development, network administration or security assessments. + Experience developing custom scripts or tools used for vulnerability scanning and identification. + Development and/or source code review experience in Java, C#, C/C++, PHP, Ruby, Python, Go, Swift, Objective C/C++, Kotlin, etc. How we support our colleagues In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognize that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace. Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction record in accordance with local Fair Chance ordinances. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. Pay Transparency Laws: The salary range for this position (intended for U.S. applicants) is $160,000 - $180,000 annually. The actual salary will vary based on applicant’s education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on applicant’s geographic location. This position is eligible to participate in one of Aon’s annual incentive plans to receive an annual discretionary bonus in addition to base salary. The amount of any bonus varies and is subject to the terms and conditions of the applicable incentive plan. Aon offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at Aon’s discretion; medical, dental and vision insurance, various types of leaves of absence, paid time off, including 12 paid holidays throughout the calendar year, 15 days of paid vacation per year, paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies. #LI-KH1
Confirm your E-mail: Send Email
All Jobs from AON