Princ Penetration Tester

Who Are We?
We are a team that brought you Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner, dedicated to providing cybersecurity, privacy, and identity protection to over 500 million users in 150 countries. At Gen, we offer flexible working options, generous time off, and competitive benefits in a diverse and inclusive environment where every team member is valued and celebrated. If you are smart, fearless, and dedicated, join us to power Digital Freedom and help consumers take control of their digital lives.

How We Work?
We love to work together and collaborate in our teams, which is why we opted for a hybrid model, allowing us to work from the office 2-3 times per week.

Mission and Goals

Objectives-
- Lead Red and Purple Team exercises to improve defensive capabilities.- Lead and execute penetration tests aligned with regulatory standards, specifically focusing on FTC and PCI compliance.- Perform wireless network assessments, AI-driven system testing, and physical security assessments.- Create comprehensive reports and presentations tailored for technical and executive audiences.- Effectively communicate security findings and remediation strategies to technical teams, executive leadership, and legal counsel.- Utilize attacker tools, tactics, and procedures (TTPs) safely in testing environments.- Develop scripts, tools, and methodologies to enhance the red teaming and penetration testing processes.

Competencies- 5+ years of penetration testing or related security experience.- Expertise in at least three of the following:
- Network penetration testing and manipulation of network infrastructure.Automation or scripting using Perl, Python, Ruby, or similar languages.-
- Exploit development or modifying shellcode and existing exploit tools.-
- Application development in C#, ASP.NET, Objective C, or Java (J2EE).-
- Reverse engineering malware, data obfuscation, or cryptographic systems.-
- Regulatory penetration testing, particularly focusing on FTC and PCI compliance standards.-
- Source code review for control flow and security vulnerabilities.-
- Strong knowledge of operating systems and network protocols.- Proficiency with tools such as Burp Suite, Checkmarx, Snyk, Wireshark, Fiddler, and Wiz.- Ethical approach to security and business operations.- Fluency in written and spoken English (B2 level or higher).- Familiarity with Kali Linux and security frameworks like MITRE ATT&CK.- Desire to continuously learn new techniques and attack vectors.

Preferred Skills:- Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels.- Basic understanding of AI and machine learning security, including adversarial attacks, model poisoning and secure deployment of AI systems.- Working knowledge of Unix/Linux/Mac/Windows operating systems, including scripting in Bash and Powershell.- Experience with security controls in AWS, GCP, and Azure cloud environments.- Understanding of security principles like defense-in-depth and security architectures.- Experience in guiding and mentoring junior team members, with a focus on developing technical skills and expertise.- Industry certifications like OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CEH or equivalent are highly desirable.

We also consider employment-qualified individuals with arrest and conviction records. In addition, we will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

Learn more about pay transparency


Gen complies with all anti-discrimination laws.

To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.