Please Enable Cookies to Continue
Please enable cookies in your browser to experience all the personalized features of this site, including the ability to apply for a job.
We are living in exciting times. There is a perfect storm created by three trends: Cloud, Mobility and Virtualization. This promises to change the face of Enterprise Networking as we know it. This role encompasses many aspects .
Aerohive is one of the best kept secrets in Enterprise Networking. This top-tier venture backed firm is changing the way Enterprise Networking is done, and we are looking for a passionate Senior Security Engineer to join our Cloud Operations Team.
Do you want to be at the intersection of Cloud, Mobility and Networking trends and lead the change in enterprise networking? Are you passionate about simplifying the complex world of enterprise networking? If so, please read further.
This position will work both independently and as part of our Cloud Operations team to perform Security Assessments including: vulnerability assessments, penetration tests, wireless security assessments and social engineering. The Senior Security Engineer will contribute to the development and continuous improvement of the Security Assessment practice through various team and industry contributions.
- Bachelor’s Degree (B.A.) from a four-year college or university in Computer Science, Management Information Systems, Engineering or Information Assurance or related area of study; or four or more years related experience and/or training; or equivalent combination of education and experience required
- Minimum 3 years of Information Security experience required
- Minimum 2 years of practice specific experience required
- Experience performing Security Assessments work (vulnerability, penetration tests, wireless security and social engineering) on a full-time basis for at least the past year required
- Minimum 1 year of client facing consulting experience required
- OSCP, OSCE, GIAC, CISSP certifications strongly preferred
- Demonstrated ability to deliver projects using well-defined methodology across various security assessment disciplines including:
Network Vulnerability Assessments - Required
Penetration Tests - Required
Wireless Network Security Assessments
Social Engineering (Telephony, onsite and remote pre-texting, spear phishing, etc.)
Physical Security Assessments (Tailgating, lock picking, camera evasion, dumpster diving, etc.)
VoIP Security & War Dialing
Product/Hardware Security Assessments
Web application Vulnerability Assessments (SQLi, XSS, Session management issues, etc.)
- Ability to combine multiple separate findings to identify complex blended vulnerabilities that would not be exploitable as a result of a single weakness
- Ability to identify, describe and report vulnerabilities and standard remediation activities, to include clear demonstration of risk to clients through post-exploitation activities
- Mastery of commercial and open source security tools required (e.g. Nessus, Nexpose, SAINT, Qualys, Burp, NMap, Kali, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng etc.)
- Familiarity with many different network architectures, network services, system types, network devices, development platforms and software suites required (e.g. Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.) required.
- Excellent verbal and written communication skills required
- Demonstrated ability to create comprehensive assessment reports
- Must be able to work well with customers and self-manage through difficult situations, focus on client satisfaction
- Ability to convey complex technical security concepts to technical and non-technical audiences including executives
- Ability to work both independently as well as on teams