Belk
Position Summary:

The Penetration Tester is expected to conduct formal security testing on websites, applications, networks, systems, and facilities on both a planned and ad-hoc basis. The Penetration Tester will be a key adviser to security personnel on defensive strategies and work with other personnel to secure and reduce overall risk to Belk.  

Essential Functions/Responsibilities:
  • Performs thorough penetration testing that includes the identification, reporting, and recommendations for security vulnerabilities while adhering to management driven scope and deadlines.
  • Participates in Red/Blue Team exercises on a periodic basis so that management can assess effectiveness of security controls. 
  • Executes the Phishing program and ad-hoc social engineering tests.  
  • Identifies, proves, and reports vulnerabilities that cannot be identified by scanners or tools.
  • Reviews and identifies false positives generated by scanners or tools.
  • Obtains threat intelligence from white hat sources and stays up to date on the latest exploits and security trends.

  • Advises Incident Response on defensive and monitoring process design. 

  • Delivers clear and coherent written reporting and remediation guidance.
  • Demonstrates the ability to assess risk and apply to remediation guidance.
  • Demonstrates broad subject matter expertise of web, network, and system security.
  • Advises on security matters and provides workable solutions for remediation.

     

  • Assists in compliance activities for PCI and General Controls.

     

  • Assists in Incident Response activities.

     

  • Assists in review of security designs for network and various systems

     

  • Assists in administration of various security tools including on-call support as necessary.

     

  • Other duties as assigned.

Requirements/Qualifications:

Preferred Education & Experience:

  • Degree in Computer Science ore relevant field

  • CEH, GPEN, GWAPT, GXPN or OSCP certification(s)

  • Network / System Administration experience / background

  • Burp Suite Pro, Metasploit, Kali Linux

  • Working knowledge of PCI DSS

 

Competencies:

  • Takes actions to support Company strategies and tactics

  • Maintains positive attitude and momentum in challenging situations

  • Communicates effectively with all partners

  • Demonstrates flexibility, resiliency and productivity in response to shifting priorities

  • Strives for continuous improvement

  • Shares ideas with others to address daily business issues

  • Builds working relationships characterized by cooperation and mutual respect

  • Shares ideas and resolves conflict constructively

  • Leverages skills and experiences to contribute to the success of team goals

  • Recognizes individuals and team success

  • Works with managers and others to create and maintain a development plan

  • Displays an ongoing commitment to learning and self-improvement

  • Demonstrates an appreciation of diverse perspectives in interactions with others

  • Delivers on Belk’s brands and strives to exceed customer needs

  • Seeks and shares customer feedback with others

  • Delivers high quality products and services

  • Focuses on desired results and how best to achieve them

  • Takes personal responsibility for the quality and timeliness of work

  • Prioritizes work to accomplish most important objectives

     

Back to Job List