When you join Verizon
You want more out of a career. A place to share your ideas freely even if theyre daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.
What Youll Be Doing...
Verizon Cyber Security Team is looking for a Senior Penetration Tester to join our Application Pen Test team. Youll be joining a group of talented, creative thinkers who "act like the enemy" to focus on ensuring that infrastructure and applications (web, mobile, and API) are secure by performing penetration testing from both inside and outside of Verizon. This team isnt a "copy and paste from a scan tool" reporting team, or a cookie cutter just scanning with tools team, or a team that just monitors and supports security scanning tools used by developers. This team is an enterprise-recognized and supported group of skilled, experienced and certified ethical hacking Verizon employees who are trusted to direct themselves with a lot of unknowns.The successful candidate will possess an effective aptitude in thinking like an adversary, security of Web applications, Infrastructure, APIs and Mobile Applications, mentoring and leading junior pen testers and effectively translating highly technical information to internal customers in a way that supports Cyber Security Team and broader Verizon goals.
- Lead and execute comprehensive penetration tests across a diverse range of targets, including intricate web applications, APIs, mobile applications, and enterprise infrastructure, from both internal and external perspectives.
- Masterfully configure and safely utilize advanced attacker tools, tactics, and procedures within Verizon's environments.
- Develop detailed, accurate, and impactful reports and presentations tailored for both highly technical and executive audiences.
- Collaborate effectively to assess the real-world impact of identified exposures on Verizon's systems and data.
- Act as a trusted Subject Matter Expert (SME), providing expert guidance on vulnerability impact, risk ratings, and pragmatic remediation recommendations across the organization.
- Contribute significantly to defining the Pen Test strategy and standards, continuously enhancing the company's overall security posture.
- Communicate complex findings and strategic insights clearly and concisely to diverse stakeholders, including technical teams, executive leadership, and legal counsel.
- Work closely with stakeholders and developers, providing risk-appropriate and actionable recommendations to effectively remediate discovered vulnerabilities.
- Innovate and develop custom scripts, tools, or methodologies to further enhance Verizon's penetration testing processes and overall effectiveness.
- Provide informal mentorship and technical guidance to junior penetration testers, sharing your expertise on engagement execution, vulnerability impact, and remediation strategies.
What were looking for...
You get excited by the possibilities that technology creates and how it can improve the way we do business. Applying your analytical skills and expertise to solve complex problems is personally rewarding. With strong written and verbal communication abilities, youre able to cut through technical jargon to describe complex concepts in a way everyone can understand. People know you for your strong leadership and the way you inspire teams to perform at their best. No stranger to working in a fast-paced environment, you convey a sense of urgency and handle multiple competing priorities with ease, never missing a deadline.
Youll Need To Have
- Bachelors degree or six or more years of extensive work experience in a relevant security field.
- Hands-on experience in penetration testing or offensive security.
- Must possess one of these certifications: CompTIA PenTest , or Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN), or Offensive Security Certified Professional (OSCP).
- A deep, practical understanding of OWASP Top 10, OWASP API Top 10, and MASVS.
- Proven experience with application security risk procedures, common security patterns, authentication technologies, and various security attack pathologies.
- Expertise in discerning the protection needs (i.e., security controls) of information systems and networks.
- Exceptional proficiency with a wide array of security testing tools, including but not limited to Kali Linux, Metasploit, Wireshark, Burp Suite (professional), Cobalt Strike, Nessus, Web Inspect, and SQLMap.
- Experience in working with cross-functional teams and projects.
Even better if you have one or more of the following:
- In-depth knowledge of secure software deployment methodologies, tools, and best practices.
- An implementation-level familiarity with all common classes of modern exploitation.
- Highly recognized certifications such as OSEP, OSWE, OSED, GXPN, LPT, CEPT, CMWAPT, GWAPT, GCIH, OSWA, eWPT, OSCE.
- Familiarity with Service Delivery/Governance frameworks like ITILv2/3.
- A solid understanding of modern hosting environments, including containerization platforms (e.g., Docker, Kubernetes) and virtual machines under hypervisors.
- Mastery of Unix/Linux/Mac/Windows operating systems, including advanced bash and PowerShell scripting.
- Strong programming skills are highly preferred and encouraged, with the ability to read, understand, and assess applications written in multiple languages such as Python, JAVA, .NET, C#, or others.
- Extensive experience with system and application security threats and vulnerabilities, secure configuration management techniques, software debugging principles, software design tools, methods, and techniques, and various software development models (e.g., Waterfall Model, Spiral Model).
- Significant experience with software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, and simplicity/minimization).
If Verizon and this role sound like a fit for you, we encourage you to apply even if you dont meet every even better qualification listed above.
Where youll be working
In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.
Scheduled Weekly Hours
40
Equal Employment Opportunity
Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.
Locations
: Hyderabad, India
