Penetration Tester

**Penetration Tester**

**Location: You can be Remote in India**

**As a TEAMMATE**:
We are looking for a talented **Penetration Tester** who likes to break software and embedded devices.

The **Penetration Tester** will provide broad and in-depth knowledge to conduct cyber operations across the organization globally. In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques.

**What you’ll get to do in this role**:

- Conduct formal testing on computer systems
- Assess the security of computer software and hardware
- Conduct security audits and legal cyberattack simulations by designing and utilizing hacking tools to access designated pieces of data during a predetermined time frame
- Generate tools for breaking into security systems
- Detect and correct system weaknesses
- Provide recommendations based on an assessment of hardware and software systems
- Implement solutions to enhance data security
- **Travel**: Up to 10% domestic or international travel on an as needed basis, such as to visit a Natus or customer site for complex investigations

**What we are looking for**:

- Bachelor’s degree in Computer Science or related technical field, with minimum 5+ years of penetration testing related experience
- CPT or CEH certification is desirable but not required
- Experience with medical device industry or other heavily regulated industry
- Ability to identify and exploit web vulnerabilities (XSS, CSRF, SQLi, SSRF, arbitrary file upload, etc.)
- Ability to identify and exploit mobile and desktop vulnerabilities (API issues, insecure storage, memory corruption, deep links, etc.)
- Clear communication skills and English fluency in speaking and writing
- Team player in a globally diverse environment
- Source code vulnerability analysis
- Robust creativity and analytical problem-solving skills
- Deep knowledge of at least one programming language (C#, Python, Go, Java, PowerShell, etc.)
- Knowledge of technical systems and terminology
- Proficiency in scripting languages

**Additional skills**:

- Network penetration testing experience with advanced knowledge of Linux and/or Windows OS and experience in supporting and installing multiple software products
- Protocol analysis
- CTF experience
- Secure coding practices
- Cryptography
- Reading and writing assembly (x86 and ARM)
- Binary analysis tools and debuggers (IDA Pro, Ghidra, WinDbg, etc.)
- Exploit Development
- Embedded systems experience
- Physical security or red team experience
- Strong knowledge of information security best practices, standards, guidelines, and frameworks, including NIST 800-53, NIST RMF, and NIST CSF. Strongly preferred: _FDA Pre-market and Post-market Guidance for Cybersecurity in Medical Devices, the HIPPA Security Rule, HSCC Joint Security Plan, AAMI TIR57, ISO/IEC 27000 family_

**We are PASSIONATE about**:
**Natus Medical Incorporated** is recognized by healthcare providers globally as **the** source for solutions to screen, diagnose and treat disorders of the brain, neural pathways and sensory nervous system. Our vision is to deliver innovative and trusted solutions to advance the standard of care and improve patient outcomes and quality of life. Natus products are used in hospitals, clinics and laboratories worldwide.

**EEO Statement**: _Natus Medical is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, veteran status, disability, sexual orientation, gender identity, or any other protected status._

**Come Join natUS**

LI-REMOTE