Job Description

Lab Summary:

The Development Quality Innovation (DQI) lab in Mountain View has a dual role: to research new automation tools and refine existing tools to meet our needs, and to act as a centralized QA group providing quality assessment through comprehensive end-to-end test strategies for various Endpoint security solutions developed.

This duality offers a unique opportunity to explore new concepts across different technologies and conduct original research in the quality domain.

More details about the project: Samsung Knox

Position Summary:

We are seeking a Senior Penetration Tester to conduct pre-authorized simulated attacks on our innovative B2B enterprise products and services, testing system resilience.

In this role, you will perform offensive security operations to emulate adversary tactics and procedures, testing preventative, detective, and response controls across our global technology landscape. Your expertise will influence technological decisions and help establish consistent offensive security processes and techniques within our team.

Our ideal candidate is a creative thinker and an excellent communicator, comfortable in a demanding, fast-paced environment. If you have a passion for security and a strong understanding of the latest technologies, we want to hear from you!

Position Responsibilities:

1. Develop expertise in our product solutions by analyzing design and architecture, and execute white box and black box penetration scenarios.
2. Plan, scope, and conduct vulnerability assessments and penetration tests on internal and external assets, including Android platform, Android apps, backend APIs, and cloud services.
3. Research and simulate adversary tactics for known security threats, identifying novel attack vectors to assess system security readiness.
4. Perform threat modeling, threat intelligence analysis, and scoping with stakeholders.
5. Assist in creating and maintaining internal penetration testing practices within the QA team.
6. Build test harnesses and automation suites to validate attack vectors in the Threat Lab.
7. Contribute to security research publications on journals.
8. Log and track vulnerabilities until resolution.
9. Coordinate with program management and security architects at internal and offshore sites to present plans, strategies, and reports.
10. Stay updated on current tools, technologies, and vulnerabilities to enhance testing practices.
11. Research and develop exploits for zero-day vulnerabilities.

Required Skills:

1. Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
2. 5+ years of experience in penetration testing, including at least 2+ years in Android security.
3. Strong knowledge of information security practices, malware, phishing attacks, attack vectors, and threat protection methods.
4. Proficiency in Java, Kotlin, C, or relevant programming languages.
5. Experience with reverse engineering tools (e.g., IDA Pro, Ghidra) and debugging tools (e.g., JTAG/SWD).
6. Excellent communication, documentation, and reporting skills.

Preferred Attributes:

• Experience with Endpoint security platforms.
• Participation in cybersecurity competitions or Capture The Flag (CTF) events.
• Security research blog posts, walkthroughs, or proof of concepts.
• Malware development or reverse engineering experience.
• Experience testing Endpoint Detection & Response (EDR), Extended Detection & Response (XDR), SIEM, SOAR, or related security products.
• Relevant cybersecurity certifications such as OSCP, OSWA, OSWE, CRTO, BSCP, or similar.

Job Tags

Similar Jobs