What you'll do...
The Information Security team has the herculean task of assuring that customers can safely shop with peace of mind knowing their data and information will be safe and secure. Solving some of the most unique cyber security problems in the industry, our team members share an elevated level of creativity and ingenuity to secure data for the largest retail operation in the world.
You’ll sweep us off our feet if….
You are on the cutting edge of security for a wide variety of platforms and technologies including cloud services, Internet of Things (IoT), identity and access management, mobile development, virtualization, AI and Robotics and custom hardware, all operating at massive scale
You're a a thought leader and mentor junior security practitioners throughout the organization
You're a seasoned Penetration Tester/Ethical Hacker, you will be expected to have strong knowledge in multiple domains while providing meaningful contributions
You’ll make an impact by…
Performing expert security testing techniques against unique targets in a diverse global technology footprint
Identifying exploitable security vulnerabilities in IoT, embedded devices, cloud-based technologies and services, mobile solutions, APIs, hardware, firmware, source code and applications
What you’ll do…
Developing exploits and customized proof of concepts for diverse targets and tech stacks
Developing and utilizing advanced tools for penetration testing and exploiting vulnerabilities
Researching, learning, and continuously improving skills to emulate attacker tactics, techniques, and procedures
Influencing technical and business strategies by articulating technical risk associated with key business solutions
Providing security and vulnerability remediation expertise to technology stakeholders and partners
Mentoring and sharing knowledge with other security practitioners and technology stakeholders
Leads implementation of advanced security technology solutions by conducting feasibility studies, proof of concept, product comparison, and/or optimization analyses; participating in project artifact and technical reviews; challenging suppliers to improve technology; and researching technology and software development for secure information technology solutions.
Maintains and advances security expertise by reviewing new technologies; maintaining knowledge of current security standards (for example, NIST 800-53, ISO27001, Cloud Security Alliance); participating in continuing education and training (for example, relevant industry certifications, forums); and maintaining expert level knowledge of enterprise technologies.
What you’ll bring…
10+ years Information Security experience
7+ years expert experience executing penetration testing/ethical hacking against IoT, embedded systems, cloud-based technologies, mobile, hardware, APIs, web applications
Expert-level experience security testing in dynamic enterprise cloud environments
Possess one or more of these credentials: OSCP, OSWE, GXPN, GWAPT, GPEN (preferred but not required)
Strong communication skills with the ability to articulate and translate security and risk management terminology in business terms
Motivated by challenges and have a proven track record for delivering results at scale
About Global Tech
Imagine working in an environment where one line of code can make life easier for hundreds of millions of people and put a smile on their face. That’s what we do at Walmart Global Tech. We’re a team of 15,000+ software engineers, data scientists and service professionals within Walmart, the world’s largest retailer, delivering innovations that improve how our customers shop and empower our 2.2 million associates. To others, innovation looks like an app, service or some code, but Walmart has always been about people. People are why we innovate, and people power our innovations. Being human-led is our true disruption.
Working virtually this year has helped us make quicker decisions, remove location barriers across our global team, be more flexible in our personal lives and spend less time commuting. Today, we are reimagining the tech workplace of the future by making a permanent transition to virtual work for most of our team. Of course, being together in person is an important part of our culture and shared success. We’ll collaborate in person at a regular cadence and with purpose.
Walmart, Inc. is an Equal Opportunity Employer – By Choice. We believe we are best equipped to help our associates, customers and the communities we serve live better when we really know them. That means understanding, respecting and valuing diversity- unique styles, experiences, identities, ideas and opinions – while being inclusive of all people.
Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications.
Bachelor’s degree in Information Technology, Computer Science, or related field and 6 years' experience in information technology or related field within the last 10 years OR 8 years' experience in information technology or related field within the last 10 years.
Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications.
Analyzing malware, Analyzing network packet captures (for example, WireShark, Snort, Bro, Suricata, Netwitness, At least three of the following technologies: security incident and event management (SIEM), intrusion defense system (IDS), intrusion prevention system (IPS), Firewall, Antivirus, Web Proxies, Authentication, Cryptography, Unix/Windows server administration, and/or network administration, Certified Intrusion analyst (GCIAs), GIAC Reverse Engineering Malware (GREM), GIAC Penetration Testing Certification (GPEN), GIAC Certified Enterprise Defender (GCED), Certified Geographic Information Systems Professional (GISP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), GIAC Security Essentials Certification (GSEC), Offensive Security Certified Professional (OSCP), and/or Security Cisco Certified Networking Professional – Security (CCNP-Security), Creating and presenting technical strategies and technical solution recommendations, Designing and implementing technical solutions, Integrating new technologies into existing technology portfolio, Leading a cross-functional team, One of the following scripting/programming languages: Python, Perl, Powershell, VB Script, Ruby, PHP, Bash, C, C++, C#, or .Net, Securing applications, operating systems, or networks