At Paylocity, we create software that makes companies – especially their HR teams – better, faster, and stronger. We give clients the tools they need to make their companies run, and give our employees a rewarding company culture – all putting us in a category of our own. Join us and learn what makes us unique!

We’re a fast-growing company ready to revolutionize the payroll and HR world for hundreds of thousands of businesses by delivering innovative technology and support. We seek the best and brightest to help us create the future of our talent solutions – enabling our customers to better develop their employees. Our own employees are equally important to us: We work hard to provide the best work environment for our employees, and are dedicated to giving back to the communities in which we live and work.

Delivering one-of-a-kind cloud technology, accompanied by award winning customer service, Paylocity is a software development company in a category of its own. We are a publicly traded company that offers an Employee Stock Purchase Program (ESPP) which enables employees to share in the long-term growth and future success of the company.

Poised to revolutionize the world of human capital management for hundreds of thousands of small and medium sized businesses, we are seeking the best and the brightest to help us create the future of our talent solutions – enabling our customers to better develop their employees and supervisors.

The Penetration Tester is responsible for verifying that our cloud based Software-as-a-Service (SaaS) web applications are secure. The role involves performing threat modeling, security assessments, and ethical hacking of our web applications. In addition, the Penetration Tester will be producing reports that document the risk of vulnerabilities identified by security assessments and penetration tests for each product team and our auditors.

Are you the leader we are looking for?

Who you are:

• Passionate about information security and privacy
• An evangelist regarding the importance of information security
• Well versed in security issues affecting financial service organizations as well as widespread data center operations, such as cloud and mobile technology solutions
• Committed to an ongoing partnership with other high profile groups within the organization (e.g. software development) to insure information security objectives are being understood and embraced
• Established presence within information security communities
• Ability to anticipate problems and recommend decisive action
• Excellent communication skills (both written and oral)
• Ability to work collaboratively across the organization
• Self-driven, creative, and resourceful

How we work:

• Casual, collaborative environment which embraces and operates under our shared principles
• Complete transparency with open, honest discussions about our progress
• Close working relationships across all areas of the organization
• Focus on outcomes and learning

What we offer:

• A strong commitment to Information Security both financially and organizationally
• An existing talented and passionate Information Security team
• The chance to meaningfully contribute to a vast market opportunity
• A collaborative environment where our security team is empowered to help steer the direction of the team
• A place to contribute your security knowledge company-wide through forum panels with our product development team
• Annual training allowance to learn new things and bring it back to the team.
• Flexible remote work schedule
• Employee Stock Purchase Program (ESPP) which enables employees to share in the long-term growth and future success of the company

Required Experience:

• Preferred education equivalent to a Bachelor’s degree in Information Security or related Computer Science
• 3+ years of experience in software development or web application security testing
• Ability to perform both manual and automated code reviews
• Solid understanding of object oriented programming concepts
• Solid understanding of OWASP and other software security best practices
• Familiarity with security and testing tools such as Burp Suite
• Experience with threat modeling and security design review methodologies
• Experience with penetration testing against a wide variety of application layer platforms, including web, mobile, and thick client above and beyond running automated tools
• Knowledge of the software development life-cycle and the ability to create and read code in a modern object-oriented programming language (such as ASP.net/C# or Python) and writing SQL scripts and web code (HTML/CSS/Javascript/etc.)
• Demonstrates excellent organizational and prioritization skills
• Demonstrates excellent reporting skills and test planning preparation skills (including test case creation and execution)
• Experienced meeting corporate security policies and regulatory requirements
• Strong verbal and written skills.

Strongly prefer a relevant security certification such as:

• Certified Information Systems Security Professional (CISSP)
• GIAC GWAPT
• Certified Ethical Hacker (CEH)

During the last three months, you would have:

• Evaluated security threats, assess the potential impact to the business, and implement strategies to detect and generate alerts on security incidents
• Performed threat modeling, ethical hacking (both automated and manual), and security assessments on our web and mobile applications.
• Worked collaboratively with IT and Software Development to continually improve our security posture.
• Calculated risk and created reports that documented our current risk of vulnerabilities identified from penetration tests for a variety of product teams.
• Handled escalations quickly and worked closely with our product teams to verify that any identified vulnerabilities are addressed.

Paylocity’s Awards:

• Glassdoor Best Places to Work 2014, 2017, 2018
• Glassdoor Highest Rated CEO's 2014, 2017
• CIO Applications Top 25 HR Technology Solution Providers 2017
• Deloitte Technology Fast 500 2013-2017
• DC Digital Top Work Places 2016-2017
• 101 Best & Brightest Companies to Work for in Chicago 2008-2017
• Top 100 Digital Companies in Chicago 2012-2017
• Best Places to Work Idaho 2017
• Best Places to Work Orlando Business Journal 2016-2017
• Best & Brightest Companies to Work for in the Nation 2014, 2017

At Paylocity, our award-winning culture has made this the place employees want to be. We have plenty of opportunities for you to grow your career within Paylocity, and offer benefits like Tuition Reimbursement so you can continue to learn and develop your skills. You could say our growth game is strong. We also reward hard work with a flexible, casual work environment and plenty of perks. From picnics, to game nights, to holiday parties, there’s no shortage of ways to have fun.

We also offer the following benefits and perks:

· Competitive pay

· Comprehensive benefits (medical, dental, vision, 401k)

· Flexible work hours / remote opportunities

· Paid Parental Leave

· Ample volunteer opportunities and events

· Health and wellness program

· Stock purchasing options (NASDAQ: PCTY)

Visit Paylocity.com/careers to learn more about working at Paylocity. Also be sure to check out what past and present employees have to say about us and our CEO on Glassdoor. Spoiler alert: We’re currently ranked #20 on their Best Places to Work list, and have also won Chicago’s 101 Best & Brightest Companies to Work For, and Crain’s Fast 50, just to name a few. 

Learn more about us and stay connected: Facebook, Twitter, LinkedIn, Instagram, and Glassdoor.