GoDaddy powers the world's largest cloud platform dedicated to small, independent ventures. Our mission is to empower entrepreneurs everywhere, making opportunity more inclusive for all. We're a trusted growth partner to over 19 million everyday entrepreneurs worldwide. We're empowering them to change the world if it doesn't quite fit them. To make their idea real. To grow it online. We help them do what they've been dreaming of and make the world they want. .
What you'll get to do..
Your experience should include...
Walk business processes and identify opportunities to strengthen security Engage within vulnerability management to assess security effectiveness through business practices Detailed understanding of networking and common TCP/IP protocols Proven understanding of Payment Card Industry knowledge and pen testing requirements 4 years of experience in vulnerability discovery / security engineering / application security Demonstrated history of penetration testing across network services, web applications & API’s, wireless, Cloud and segmentation for on-prem and Cloud Experience working in a large cloud or Internet software company preferred Knowledge of web application design & implementation concepts to include supporting systems Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff You might also have...
Ability to scope and perform segmentation testing, as defined in the PCI-DSS, in order to validate our scope reduction Ability to succeed through collaboration and working through internal and external organizations and individuals Ability to test API and AWS based products. Detailed knowledge of common vulnerabilities, exploits, and attacks used during a penetration test Ability to lead and run penetration testing engagement on your own Expert knowledge, skills, and abilities in the use of common vulnerability assessment and penetration testing tools such as Metasploit, Nessus, Nmap, Burp Suite, PowerSploit, Empire, Qualys and Impacket. These are examples and are not a requirements list. Basic familiarity with Incident response framework, EDRs, SIEM and Security devices Prior DevOps or continuous delivery and deployment experience preferred OSCP, OSCE, CREST, GPEN, GWAPT, GXPN, CEH and other industry certifications are a plus Strong application/product/software security background Threat modeling, adversary emulation, or long duration Red Team exercises Experience in the following:
Metasploit, Kali Linux, Burp suite, ZAP, Tanium, AppSpider, Open VAS, Nessus, Qualys, NMAP, Jira, AWS or equivalent
We've got your back...
Enjoy our many benefits (), including paid time off, 401k, equity grants and parental leave. Join one of our employee resource groups (). Continue to have a side hustle, if you have one (we love entrepreneurs, remember?). Most importantly, come as you are and make your own way.
