Senior Security Consulting-Testing
Auburn, WA
Aon is looking for a Senior Security ConsultantThe Proactive Security Testing team is looking for smart, energetic, and motivated individuals to add to its team. We provide a challenging and exciting work environment that offers a healthy combination of autonomy and senior level support. Our team publishes books and security blogs, delivers conference talks, contributes to open source software projects, and are engaged in a variety of continuous security research projects. As a Senior Security Consultant, you will serve as an experienced member of the penetration testing team and be expected to:Perform complex penetration testing projects in the realms of red teams, network penetration testing (external & internal), reverse engineering, web/mobile application penetration testing, source code review, etc.Execute penetration testing projects according to internal testing methodology, tools, and processesDocument technical issues identified during security assessments to articulate the risk to the client, as well as provide tailored recommendations for remediation.Perform vulnerability research and exploit developmentAssist with internal business operations such as service line development, process improvements, and recruiting new penetration testing talentYou Bring Knowledge and Expertise Required Experience: The following are expected from potential applicants:2 years of experience with penetration testing against web/mobile applications, above and beyond running automated tools.2 years of experience with network/infrastructure penetration testing.Development and/or source code review experience in Java, C#, C/C , PHP, Ruby, Python, Go, Swift, Objective C/C , Kotlin, etc.Familiarity with application layer assessment tools, such as Burp Suite and other fuzzers/proxies.A good understanding of Unix, Windows and network security skills.Ability to work both independently and perform as a leader in a team environment.Ability to work remotely as part of a distributed team and travel to client sites when required. - **Current travel is HIGHLY limited due to COVID-19**Excellent communication skills in English (both written and oral); able to concisely communicate security risks to both technical and business audiences. Preferred Experience: The following skills are not required from applicants but would be considered a plus:Degree in Computer Science, Information Systems, Engineering or related major.Reputable security certifications, including: OSCP, OSCE, OSWE, OSEE, OSWP, GPEN, GXPN, CMWAPTExperience working as a consultant at a reputable penetration testing company.Experience working as part of an enterprise development team.Experience developing custom scripts or tools used for vulnerability scanning and identification.Experience with performing red team assessmentsExperience with exploit development and reverse engineeringExperience with client/server thick client penetration testing.Solid understanding of cryptography fundamentals.Produced public facing research and/or delivered presentations at well known industry security conferences. Education:Bachelor’s degree or equivalent years of industry experience.We offer youA competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization. Our Colleague Experience:From helping clients gain access to capital after natural disasters, to creating access to health care and retirement for millions, Aon colleagues empower results for our clients, communities, and each other every day. They make a difference, work with the best, own their potential, and value one another. This is the Aon Colleague Experience, defining what it means to work at Aon and realizing our vision of empowering human and economic possibility. To learn more visit Aon Colleague Experience. About Aon:Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance. By applying for a position with Aon, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Aon's employment policies. Background checks may include some or all of the following based on the nature of the position: SSN/SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, fingerprint verification, credit check, and/or drug test. You will be notified during the hiring process which checks are required by the position. Aon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status. Aon is committed to a diverse workforce and is an affirmative action employer. DISCLAIMER: Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. 2488148","qualifications":"UNAVAILABLE","responsibilities":"Aon is looking for a Senior Security ConsultantThe Proactive Security Testing team is looking for smart, energetic, and motivated individuals to add to its team. We provide a challenging and exciting work environment that offers a healthy combination of autonomy and senior level support. Our team publishes books and security blogs, delivers conference talks, contributes to open source software projects, and are engaged in a variety of continuous security research projects. As a Senior Security Consultant, you will serve as an experienced member of the penetration testing team and be expected to:Perform complex penetration testing projects in the realms of red teams, network penetration testing (external & internal), reverse engineering, web/mobile application penetration testing, source code review, etc.Execute penetration testing projects according to internal testing methodology, tools, and processesDocument technical issues identified during security assessments to articulate the risk to the client, as well as provide tailored recommendations for remediation.Perform vulnerability research and exploit developmentAssist with internal business operations such as service line development, process improvements, and recruiting new penetration testing talentYou Bring Knowledge and Expertise Required Experience: The following are expected from potential applicants:2 years of experience with penetration testing against web/mobile applications, above and beyond running automated tools.2 years of experience with network/infrastructure penetration testing.Development and/or source code review experience in Java, C#, C/C , PHP, Ruby, Python, Go, Swift, Objective C/C , Kotlin, etc.Familiarity with application layer assessment tools, such as Burp Suite and other fuzzers/proxies.A good understanding of Unix, Windows and network security skills.Ability to work both independently and perform as a leader in a team environment.Ability to work remotely as part of a distributed team and travel to client sites when required. - **Current travel is HIGHLY limited due to COVID-19**Excellent communication skills in English (both written and oral); able to concisely communicate security risks to both technical and business audiences. Preferred Experience: The following skills are not required from applicants but would be considered a plus:Degree in Computer Science, Information Systems, Engineering or related major.Reputable security certifications, including: OSCP, OSCE, OSWE, OSEE, OSWP, GPEN, GXPN, CMWAPTExperience working as a consultant at a reputable penetration testing company.Experience working as part of an enterprise development team.Experience developing custom scripts or tools used for vulnerability scanning and identification.Experience with performing red team assessmentsExperience with exploit development and reverse engineeringExperience with client/server thick client penetration testing.Solid understanding of cryptography fundamentals.Produced public facing research and/or delivered presentations at well known industry security conferences. Education:Bachelor’s degree or equivalent years of industry experience.We offer youA competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization. Our Colleague Experience:From helping clients gain access to capital after natural disasters, to creating access to health care and retirement for millions, Aon colleagues empower results for our clients, communities, and each other every day. They make a difference, work with the best, own their potential, and value one another. This is the Aon Colleague Experience, defining what it means to work at Aon and realizing our vision of empowering human and economic possibility. To learn more visit Aon Colleague Experience. About Aon:Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance. By applying for a position with Aon, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Aon's employment policies. Background checks may include some or all of the following based on the nature of the position: SSN/SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, fingerprint verification, credit check, and/or drug test. You will be notified during the hiring process which checks are required by the position. Aon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status. Aon is committed to a diverse workforce and is an affirmative action employer. DISCLAIMER: Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. ","skills":"UNAVAILABLE","workHours":"UNAVAILABLE","jobBenefits":"UNAVAILABLE","datePosted":"2021-11-12T00:41:00 0000","employmentType":"FULL_TIME","educationRequirements":"UNAVAILABLE","salaryCurrency":"USD","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","value":0,"minValue":0,"maxValue":0,"unitText":"YEAR"}},"validThrough":"2022-11-12T00:42:13.000Z","industry":"UNAVAILABLE","hiringOrganization":{"@type":"Organization","name":"Aon Corporation","sameAs":"**MEMBERS ONLY**SIGN UP NOW***States"}}}
|
