Specialist, Offensive Security Engineer
Prudential Financial
Job Classification:
Technology - Information SecurityAre you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, you’ll unlock an exciting and impactful career – all while growing your skills and advancing your profession at one of the world’s leading financial services institutions.
Your Team & Role
As a Specialist, Offensive Security Engineer on the Attack Surface Management team, you will be at the forefront of our efforts to identify and mitigate security risks. Your responsibilities will include conducting a combination of automated and manual offensive testing, communicating complex concepts, and influencing others to adopt an attacker mindset. You will work on difficult problems in which analysis of context or data requires an in-depth evaluation of security controls. In addition to your hands-on experience in offensive security, you demonstrate a strong ability to solve complex problems and communicate effectively within your team and across the organization. You consistently collaborate with others, showing a commitment to teamwork and agile work practices. Your deep understanding of the business environment informs your technical decisions, ensuring solutions align with organizational goals. Finally, your dedication to continuous learning ensures that you stay current with industry developments and maintain a forward-thinking approach in all your professional endeavors.
Here is What You Can Expect on a Typical Day
Conduct control and system security analysis utilizing modern continuous penetration testing solutions.
Use security system expertise to enhance processes, spot improvements, and maintain proper documentation.
Use automated and manual offensive tests to spot risks and support remediation throughout the organization.
Drive project work independently with minimal assistance from senior team members.
Proactively engage with IT peers and business stakeholders to ensure an appropriate Information Security mindset is in place with our technology and business partners.
The Skills & Expertise You Bring
Bachelor of Computer Science or Engineering or experience in related fields
Experience with agile development methodologies
Knowledge of business concepts and information security tools and processes that are needed for making sound decisions in the context of the company's business
Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges
Strong written and verbal communication skills, specifically in the infosec domain. The work the Offensive Security team does is highly technical and consumed by many different audiences. Being able to bridge the gap and communicate effectively to these audiences will be invaluable and ultimately lead to decreased cyber risk.
Applied experience with several of the following:
Reviewing infrastructure, application, and control security and identifying vulnerabilities.
Experienced in using various security tools and services, including penetration testing tools and continuous attack surface management solutions.
Understanding of frameworks such as OWASP WSTG, MITRE ATT&CK, software development lifecycle (SDLC).
Comprehensive knowledge of different network and web protocols (such as TCP/IP, DNS, HTTP(S), web sockets, LDAP) and web technology stacks.
Demonstrates a thorough understanding of adversarial tactics, techniques, and procedures (TTPs). This includes the ability to identify and analyze the strategies employed by threat actors in order to enhance the organization’s defensive posture
Able to read, understand, and work with code in one or more programming languages.
Proficient in scripting languages such as PowerShell, Bash, and Ruby.
Preferred qualifications:
Familiarity with Exploit Development, Cloud, or Mobile Security is a plus.
Experience with developing and using C2 frameworks such as Cobalt Strike, Empire, SCYTHE, and Metasploit.
In-depth knowledge of evasion techniques, including experience with developing custom payloads and bypassing security controls.
Participation in and/or managing bug bounty/responsible disclosure programs.
Relevant offensive security certifications such as GPEN, GWAPT, GXPN, OSCP, OSWE, OSEP
You’ll Love Working Here Because You Can
Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, we’ll help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. You’ll be surprised by what this rock-solid organization has in store for you.
What we offer you:
Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $99,700.00 to $148,500.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills.Market competitive base salaries, with a yearly bonus potential at every level.
Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave.
401(k) plan with company match (up to 4%).
Company-funded pension plan.
Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs.
Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.
Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.
Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. To find out more about our Total Rewards package, visit Work Life Balance | Prudential Careers. Some of the above benefits may not apply to part-time employees scheduled to work less than 20 hours per week.
Prudential Financial, Inc. of the United States is not affiliated with Prudential plc. which is headquartered in the United Kingdom.
Prudential is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender identity, national origin, genetics, disability, marital status, age, veteran status, domestic partner status, medical condition or any other characteristic protected by law.
If you need an accommodation to complete the application process, please email accommodations.hw@prudential.com.
If you are experiencing a technical issue with your application or an assessment, please email careers.technicalsupport@prudential.com to request assistance.