Penetration Testing Engineer II

Walmart
Bentonville, AR
Onsite

About The Position

This position is for a Penetration Engineer II. The role involves managing program assessments from initial planning, scheduling, and communications with systems owners and related stakeholders through to final reporting. The engineer will prepare required assessment documentation and assist in process improvement and automation for the assessment methodology. Key responsibilities include conducting assessments of client and contractor hardware to ensure compliance with security requirements, analyzing and determining compliance with applicable federal and legislative regulations. The role requires partnering with other cybersecurity and development teams to identify business-critical/high-risk assets such as web/mobile applications, servers, networks, Point of Sales machines, and robots. The engineer will perform in-depth security assessments and penetration testing of these assets as per OWASP top ten, SANS top twenty-five, HIPAA, and PCI DSS standards. This includes identifying and exploiting vulnerabilities in commercial, open source, and custom software applications, infrastructure, people, and processes across one of the world’s largest networks. The position also entails composing test reports, recording vulnerability data according to Governance, Risk, and Compliance (GRC) processes, and delivering technical debriefs to engineers/developers to aid in fixing identified vulnerabilities. Additionally, the engineer will evaluate and maintain testing tools, hardware, and equipment, creating new tools where appropriate.

Requirements

  • Master’s degree or the equivalent in Computer Science, Information Technology, Engineering, or related field plus 1 year of experience in information technology or related experience; OR Bachelor's degree or the equivalent in Computer Science, Information Technology, Engineering, or related field plus 2 years of experience in information technology or related experience; OR 4 years of experience in information technology or related experience
  • Performing in-depth security assessment/penetration testing of business critical and high-risk assets as per OWASP Top 10
  • Managing a program assessment (scoping) from initial planning, scheduling, and communications with systems owners and related stakeholders through to final reporting
  • Delivering technical debriefs to engineers/developers, which helps them in fixing the identified vulnerability
  • Manual and automated vulnerability assessment of web applications using Burp Suite, Postman, Micro Focus Fortify, Nikto, Skipfish, SSLScan, DirBuster, Flagfox, Wappalyzer, Live HTTP Headers, Tamper Data, and Kali Linux
  • Evaluating and maintaining testing tools, hardware, and equipment, creating new tools where appropriate
  • Bachelor's degree in computer science, information technology, engineering, information systems, cybersecurity, or related area (Option 1)
  • 3 years’ experience in penetration testing or related area at a technology, retail, or data-driven company (Option 2)

Nice To Haves

  • Certification in Security+, Network+, GISF, or GSEC
  • Background in creating inclusive digital experiences, demonstrating knowledge in implementing Web Content Accessibility Guidelines (WCAG) 2.2 AA standards, assistive technologies, and integrating digital accessibility seamlessly
  • Knowledge of accessibility best practices and joining in creating accessible products and services following Walmart’s accessibility standards and guidelines for supporting an inclusive culture

Responsibilities

  • Manage a program assessment (scoping) from initial planning, scheduling, communications with systems owners and related stakeholders through to final reporting
  • Prepare required assessment documentation
  • Assist in process improvement and automation for the assessment methodology
  • Conduct assessments of client and contractor hardware, to ensure compliance with security requirements
  • Analyze and determine compliance with applicable federal and legislative regulations
  • Partner with other cybersecurity and development teams to identify business-critical/high-risk assets [Web/mobile applications, Servers, Networks, Point of Sales machines, Robots]
  • Perform in-depth security assessment/penetration testing of business-critical and high-risk assets as per OWASP top ten, SANS top twenty-five, HIPAA, and PCI DSS standards
  • Identify and exploit vulnerabilities in commercial, open source, and custom software applications; infrastructure; people; and processes running across one of the world’s largest networks
  • Compose test reports and record vulnerability data according to Governance, Risk, and Compliance (GRC) processes
  • Deliver technical debriefs to engineers/developers, which helps them in fixing the identified vulnerability
  • Evaluate and maintain testing tools, hardware, and equipment, creating new tools where appropriate

Benefits

  • Competitive pay
  • Performance-based bonus awards
  • Health benefits (medical, vision and dental coverage)
  • 401(k)
  • Stock purchase
  • Company-paid life insurance
  • Paid time off (PTO, including sick leave)
  • Parental leave
  • Family care leave
  • Bereavement
  • Jury duty
  • Voting leave
  • Short-term disability
  • Long-term disability
  • Company discounts
  • Military Leave Pay
  • Adoption and surrogacy expense reimbursement
  • Live Better U (Walmart-paid education benefit program for full-time and part-time associates in Walmart and Sam's Club facilities, covering tuition, books, and fees for high school completion to bachelor's degrees, including English Language Learning and short-form certificates)