Information Security Senior Engineer

Who are we?

Job Summary

A Red Team Penetration Tester (Pen Tester) is responsible for securing Equinix’s digital assets, through active hunting and identification of threats and vulnerabilities, in our environment, that are not detected by traditional vulnerability scanning. The Pen Tester should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications, and operating system functionalities, and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.

Responsibilities

• Perform network penetration, web, mobile and business application testing, source code reviews, threat analysis, wireless network assessments, OT/IoT security assessments, and social-engineering assessments

• Develop comprehensive and accurate reports and presentations for both technical and executive audience

• Effectively communicate findings and remediation strategies to business stakeholders including technical staff, executive leadership, and legal counsel

• Recognize and safely utilize attacker tools, tactics, and procedures

• Develop scripts, tools, or methodologies to enhance Equinix’s red teaming processes

Qualifications

• Bachelor’s degree in computer science or related degree preferred

• 7 years' experience or 3-5 years’ experience in at least three of the following:

• Network penetration testing and manipulation of network infrastructure

• Web, mobile and/or business application assessments

• OT/IoT security assessments

• Email, phone or physical social-engineering assessments

• Shell scripting or automation of simple tasks using Perl, Python or Ruby

• Developing, extending, or modifying exploits, shellcode or exploit tools

• Developing applications in C#, ASP, .NET, ObjectiveC, or Java (J2EE)

• Reverse engineering malware, data obfuscators, or ciphers

• Source code review for control flow and security flaws

• Strong knowledge of tools used for wireless, web application, IoT/OT and network security testing

• Thorough understanding of network protocols, ICS/SCADA/Bacnet protocols, data on the wire, and covert channels

• Mastery ofUnix/Linux/Mac/Windowsoperating systems, including bash and PowerShell

• Experienced in utilizing various SIEM (e.g. Azure Sentinel, Splunk, Elastic) and EDR (e.g. CrowdStrike, SentinelOne, Microsoft ATP) tools for threat hunting

• Strong knowledge of security controls and services in AWS, GCP and Azure cloud platforms

• Background and knowledge of general security concepts, such as defense-in-depth, MITRE ATT&CK framework, and security architectures

• Preferred certifications: OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN

• Ability to document and explain technical details in a concise, understandable manner

• Ability to manage and balance own time among multiple tasks, and mentor junior staff when required

The United States targeted pay range for this position in the following location is / locations are:• San Francisco, CA / Bay Area: $157,000 to $235,000 per year• California (Non-SF/Bay Area), Connecticut, Maryland, New York, New Jersey, Washington state: $150,000 to $224,000 per year• Colorado, Nevada, Rhode Island: $136,000 to $204,000 per yearOur pay ranges reflect the minimum and maximum target for new hire pay for the full-time position determined by role, level, and location. Individual pay is based on additional factors including job-related skills, experience, and relevant education and/or training.This position may be offered in other locations. Your recruiter can share more about the specific pay range for your preferred location during the hiring process.The targeted pay range listed reflects the base pay only and does not include bonus, equity, or benefits. Employees are eligible for bonus, and equity may be offered depending on the position.As an employee, you become important to Equinix’s success. Details about our company benefits can be found at the following link:USA Benefits eBook

Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.

Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.