Senior Application Security- Penetration Testing Consultant
Dynamics of the role:
TransUnion is seeking a Senior 3rd Party Testing Coordinator to join our Vulnerability Threat Management Team in the Chicago, IL office. The successful candidate will work closely with, and play a critical role connecting the VTM team, TU’s External Security Testing Vendors, the Internal Red Team, and Business Units across TU. This position will be responsible for managing the delivery of all Application, Network, and Wireless penetration tests conducted by external vendors. This position will also handle the scheduling, tracking, coordinating, and quality review of all reports delivered.
The ideal candidate will be capable of both balancing the demands of shifting schedules and communicating with people across the globe as well as sufficiently technical to understand the content of the delivered reports.
This is a new role at TU; introduced to centrally consolidate global testing. There will be a lot of flexibility to design and implement processes and workflows as the candidate sees fit. Technical support will be available from several sources. Candidate is expected to maintain a high level of independence.
The team’s focus:
The Attack Surface Reduction Team is responsible for monitoring TU’s global footprint and leading efforts to minimize its attack surface via red teaming, application security testing, vulnerability management, and leading company-wide technology initiatives. The team works closely with peers responsible for Threat Management, Malware Analysis, Insider Threat, and Security Automation.
TU offers a broad array of products to the consumers it serves either directly or indirectly and provides critical education and capabilities that empower the consumer and equips them with accurate data that is used by financial institutions, insurers, and employers.
#LI-AL1
#DICE
How you’ll contribute:
- Schedule and Coordinate global test delivery
- Maintain relationship with contracted vendors
- Evaluate results of penetration tests for delivery quality
- Create a workflow for ingesting results into issue tracking system
- Work with Red Team members to understand identified weaknesses
- Grow/Strengthen security skills by shadowing Red Team activities as they perform a wide variety of tests against TU infrastructure, applications, and users.
- Attend conferences and conduct research to stay up-to-date on modern attack techniques.
What you’ll bring:
- 6+ years in Information Security or related field
- 3+ years of project delivery, project management, coordination, or similar
- Familiarity and comfortability with several of these areas: tools, testing methodologies, security concepts, network architecture, programming languages, and computer architecture.
- Familiarity with various types of penetration tests (Network, Wireless, Application, etc)
- Familiarity with various types of compliance frameworks (PCI, HITRUST, SSSAE18, etc)
- Able to effectively communicate testing goals to vendor, findings and strategy to stakeholders, and questions to technical staff.
- Ability to take direction from management and work as part of a collaborative team
- High motivation, integrity, and commitment to self-development
- Intellectual curiosity, humility, accountability and positive approach
Nice to Haves:
- 4 year college degree in Computer Science or related field
- One or more of the following certifications (or similar): GPEN, GWAPT, OSCP, CISSP, eCPPT, etc.
Who we are:
At TransUnion, we are dedicated to finding ways information can be used to help people make better and smarter decisions. As a trusted provider of global information solutions, our mission is to help people around the world access the opportunities that lead to a higher quality of life, by helping organizations optimize their risk-based decisions and enabling consumers to understand and manage their personal information. Because when people have access to more complete and multidimensional information, they can make more informed decisions and achieve great things.
Every day TransUnion offers our employees the tools and resources they need to find ways information can be used in diverse ways. Whether it is helping businesses better manage risk, providing better insights so a consumer can qualify for his first mortgage or working with law enforcement to make neighborhoods safer, we are improving the quality of life for individuals, families, communities and local economies around the world.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.