RestonRecruiter Since 2001
the smart solution for Reston jobs

Security Engineer- Penetration Tester

Company: Qualtrics
Location: Reston
Posted on: September 20, 2022

Job Description:

The Qualtrics XM Platform--- is a system of action that helps businesses to attract customers who stay longer and buy more, to engage and empower employees to do the best work of their lives, to develop breakthrough products people love, and to build a brand people can't imagine living without.Joining Qualtrics means becoming part of a team bold enough to chase breakthrough experiences - like building a technology that will be a force for good. A team committed to diversity, equity, and inclusion because of a conviction that every voice holds value, with a vision for representation that matches the world around us and inclusion that far exceeds it. You could belong to a team whose values center on transparency, being all in, having customer obsession, acting as one team, and operating with scrappiness. All so you can do the best work of your career.We believe every interaction is an opportunity. Are we yours?
Company Description
At Qualtrics, our mission is to close experience gaps-the costly differences between what customers and employees expect, and what they're receiving. 13,000+ organizations worldwide and more than 80% of the Fortune 100 rely on the Qualtrics Experience Management Platform--- to collect, analyze, and act on feedback-more feedback than they ever thought possible. With Qualtrics XM, organizations can manage the four core experiences of business-customer, employee, product, and brand experience. Organizations can be at every meaningful touchpoint, for every experience, and predict what will resonate most with customers and employees.
The Challenge
As Qualtrics continues to expand the Experience Management (XM) platform, we must ensure that we're protecting our customers and their data by building and operating secure systems. As over a thousand software & system engineers contribute to Qualtrics XM every day, we have a large attack surface to evaluate and secure.

Qualtrics is looking for an experienced security engineer and penetration tester with a passion for security and the aptitude to uncover difficult-to-identify security bugs which require detailed knowledge of our complex systems.
A Day in the Life

  • Use manual penetration testing techniques to identify or validate vulnerabilities in Qualtrics web applications, systems, networks and mobile applications
  • Leverage your accumulated subject matter expertise of Qualtrics applications, systems and code, as well as findings from SAST, DAST, IAST, network vulnerability scanners and similar assessment tools to augment manual testing
  • Manage bug bounty and vulnerability disclosure programs, including the triage and validation of reported findings
  • Organize and lead internal purple and red team exercises to systematically evaluate Qualtrics environments for security flaws
  • Document remediation recommendations and collaborate with engineers to ensure vulnerability findings are successfully and efficiently addressed
  • Review source code & software/system designs, and consult with software engineers across the organization to identify and/or avoid security issues through alignment to security standards
  • Document and improve secure SDL processes, standards and guidelines
  • Deliver training and provide mentoring to software engineers on security topics
  • Facilitate threat modeling exercises to ensure optimized security design decisions are being made
  • Make recommendations for architecture & design improvements to address recurring issues
  • Automate redundant tasks for assessment and related activities in order to optimize our team's efficiency and reach

    The Expectation for Success
    You will work effectively with the Qualtrics engineering organization and fellow security engineers, providing reliable technical security expertise to identify and resolve security issues. You will seek to streamline and automate processes in order to deliver maximum results in limited time. Skills That Will Lead to Success

    • Bachelor's degree in Computer Science or a related field
    • At least three years performing manual web application penetration testing as a primary job responsibility, including the use of professional penetration testing tools (e.g., Burp Suite)
    • Sound understanding of application and network security vulnerabilities (e.g., OWASP Top 10), defense techniques and security best practices, including language-specific security practices and present-day threats
    • Experience with modern application development languages and frameworks (e.g., Node.js, Java, Golang, Python, React, Angular)

      Preferred Qualifications

      • Experience with assessing large, complex SaaS applications
      • One or more relevant security certifications (CEPT, CMWAPT, CPT, CEH, LPT, GWAPT, GPEN, GXPN, OSCP)
      • Familiarity with AWS, Docker, Kubernetes, Linux and similar infrastructure/technologies
      • iOS/Android mobile application pentesting experience
      • Prior full time software development experience

        What differentiates us from other companies

        • Work life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
        • We take pride in our office design aiming at cultivating creativity from our rooftop views to an open and collaborative work space.
        • On top of standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office.
        • We believe in sharing Qualtrics success which is part of the compensation for all employees.

          Qualtrics has moved to a hybrid work environment. The majority of our employees will be assigned to a physical office location and be expected to work at least one day a week in the office. Check out this blog by our CEO, Zig Serafin to learn more about our philsophy around hybrid work.

          Qualtrics is an equal opportunity employer meaning that all qualified applicants will receive consideration for employement without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.

          Qualtrics is committed to the inclusion of all qualified individuals. As part of this commitment, Qualtrics will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please let your Qualtrics contact/recruiter know.PI189341460

Keywords: Qualtrics, Reston , Security Engineer- Penetration Tester, Engineering , Reston, Virginia

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Virginia jobs by following @recnetVA on Twitter!

Reston RSS job feeds