Technical Expert, Application Penetration, Security Testing

  • Walmart
  • Bentonville, AR, United States
  • 10/12/2018
Full time Information Technology

Job Description

Position Description

The Application Security Technical Expert is a very experienced, seasoned, and well-rounded penetration tester, belonging to Walmart’s Technology Team, protecting the globally distributed information assets of the world’s largest company through end to end solution testing. This person is a relentless and creative bug hunter among bug hunters with an eagle eye, disciplined methodology, and willingness to collaborate with some of the brightest security minds.

• Identify and exploit vulnerabilities in commercial, open source, and custom software applications; infrastructure; people; and processes running across one of the world’s largest networks
• Manage vulnerability and exploit data in large scale tests using collaboration tools across a tight-knit team
• Compose test reports and record vulnerability data according to Governance, Risk, and Compliance (GRC) processes
• Deliver technical debriefs to engineers and developers as needed
• Never stop learning the latest and most advanced security testing techniques, development tools and frameworks
• Maintain testing tools, hardware, and equipment, creating new tools where appropriate
• Foster a Purple (Red + Blue) Team environment to share information with defensive teams to increase Walmart’s overall security posture

Minimum Qualifications

• Bachelor’s degree in Computer Science, Engineering, or related fields, plus 4 years working in security roles, OR, 7+ years working in security testing roles

Additional Preferred Qualifications

• 5+ years Penetration Testing Experience or related certifications (e.g. OSCP, OSWP, OSCE, GPEN, GWAPT, GXPN)
• Demonstrable experience identifying and exploiting vulnerabilities in commercial, open source, and custom software products
• Demonstrable experience identifying and exploiting vulnerabilities in mobile applications (iOS, Android) is highly preferred
• Demonstrable strong experience with penetration testing tools (e.g. Metasploit, Burp Suite, etc.) and also capable of manually executing these same types of attacks without the use of the tools
• Demonstrable experience conducting post-exploitation activities is required
• Demonstrable experience conducting code reviews is preferred
• Excellent written communication skills
• Prior experience developing communication on technical subjects to be read by individuals with diverse levels of technical knowledge
• Excellent verbal skills preferred, security conference talks or publications are a plus
• Excellent knowledge of common operating systems is required, knowledge of less popular and legacy operating systems is a plus
• Strong knowledge of common networking configurations, load balancing, firewalls, and security controls
• Strong knowledge of authentication and SSO technologies
• Strong knowledge of applied cryptography and common implementation flaws
• Knowledge of virtualized infrastructures is preferred
• Prior experience with retail technologies is preferred
• Ability to develop software in python and ruby is highly preferred
• Ability to develop software in Java, C#, JavaScript (especially NodeJS), C/C++, Go, and other common languages is a plus
• Ability to build automation to eliminate reoccurring/repetitious work

Company Summary

What started small, with a single discount store and the simple idea of selling more for less, has grown over the last 50 years into the largest retailer in the world. Today, nearly 260 million customers visit our more than 11,500 stores under 72 banners in 28 countries and e-commerce sites in 11 countries each week. With fiscal year 2016 revenue of $482.1 billion, Walmart employs 2.3 million associates worldwide – 1.5 million in the U.S. alone. It’s all part of our unwavering commitment to creating opportunities and bringing value to customers and communities around the world.

Employer Job Listing Link