Penetration Testing Engineer
Where good people build rewarding careers.
Think that working in the insurance field can't be exciting, rewarding and challenging? Think again. You'll help us reinvent protection and retirement to improve customers' lives. We'll help you make an impact with our training and mentoring offerings. Here, you'll have the opportunity to expand and apply your skills in ways you never thought possible. And you'll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.
Description: Allstate Information Security is looking to hire a Penetration Test Engineer to join an exciting team and fulfill a high-demand service. The candidate will perform penetration testing for Allstate infrastructure and in-house developed applications to discover security vulnerabilities and weaknesses and provide remediation recommendations. The team is looking for an experienced tester with a willingness to share knowledge and work with the team to enhance the security posture of Allstate's applications and systems.
- Perform white and black box testing of in-house applications and systems with a variety of commercial and opensource tools
- Devise creative and custom exploits, solutions, and techniques to discover vulnerabilities and exploitability of the targets
- Knowledge-share with team on techniques and results to continuously improve the service offering
- Create detailed report of findings and recommendations after testing is complete and present to stakeholders
- Stay up-to-date in current tools, techniques, and vulnerabilities to incorporate into testing practices
- Mentor junior members of the team in techniques and best practices in ethical hacking and vulnerability analysis
Key Essential Skills
- 5+ years experience with penetration testing
- Demonstrable knowledge and experience of:
- Common attack techniques for web, mobile and services.
- Common application testing tools including, but not limited to Burp, SQL Map etc
- OWASP Top 10 iPhone and Android application pen testing - specifically relating to reverse engineering and instrumentation toolsets
- Pen testing in Agile and/or Extreme development environments
- Ability to write scripts/tools to assist in testing
- Experience testing/analyzing applications and networks
- Understanding of encryption technologies.
- Understanding of common network protocols
- Working knowledge with various operating systems
- Ability to relay detailed technical concepts to a broad range of audiences, via written reports and presentations.
- Passion for continuous learning, growth, and tinkering
Job Qualifications (desired)
- CISSP, GPEN, GWAPT, OSCP, and/or other industry certification is desired but not required.
The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen.
Good Work. Good Life. Good Hands®.
As a Fortune 100 company and industry leader, we provide a competitive salary - but that's just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you'll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.
Learn more about life at Allstate. Connect with us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please click "here" for information regarding the San Francisco Fair Chance Ordinance.
For jobs in Los Angeles, please click "here" for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.
It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.
Back to top