What We'll BringAt TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation. This gives our people the opportunity to hone current skills while building and discovering new capabilities.
Come be a part of our team and work with great people and cutting-edge technology.
What You'll BringTransUnion’s Red Team conducts full scope adversary simulation services against TransUnion offices, networks, personnel, and business units globally. Our team provides the critical feedback loop to assess the efficacy of TransUnion’s ability to detect, respond, and mitigate emerging threats. Qualified candidates will be proficient with performing sophisticated attack techniques, developing tooling and automation, conducting vulnerability research of custom applications, and presenting findings to an executive audience. The ideal candidate will have expertise in multiple offensive testing specialties, allowing for rapid development to emulate modern adversaries.
The team works closely with peers responsible for Threat Management, Malware Analysis, Insider Threat, and Security Automation. This position will require increasingly creative and technically advanced solutions as issues are mitigated.
Within the Red Team you will enjoy the freedom to work on research projects, contribute to the info sec community (conferences, speaking engagements, CTFs, CVE publications), and to grow new skill sets as desired.
This position is fully-remote so long as the candidate has adequate internet/telephony and can travel when required (< 10%).
2+ years of practical experience in Penetration Testing
2+ years of experience dealing with Application Security
Deep technical knowledge in several of these areas: security testing tools, testing methodologies, security concepts, network architecture, programming languages, and computer architecture.
Able to effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
Ability to take direction from management and work as part of a collaborative team
High motivation, integrity, and commitment to self-development
Intellectual curiosity, humility, accountability and positive approach
We'd Love to See:
4-year college degree in Computer Science, Information Security, or a related field
Proven community contributions through conference presentations, publications, tool development, research, etc.
One or more of the following certifications (or similar): GWAPT, GXPN, OSCP, OSCE, OSEE, etc.
Impact You'll MakeThink outside the box, question assumptions, push the limits
Perform a wide variety of Red Team testing against TU infrastructure, applications, and users
Conduct advanced testing above & beyond automated scanning tools
Demonstrate importance of identified vulnerabilities and security weaknesses by creating POCs
Develop scripts, tools, or methodologies to enhance Red Teaming processes
Attend conferences and conduct research to stay up-to-date on modern attack techniques