Senior Managing Penetration Testing Consultant - X-Force Red
IBM · Denver, CO · 2 wk ago
HybridQuality AssuranceFull-time
Role Overview
The Global Security Consultant at X-Force Red, IBM Security, plays a crucial role in identifying and exploiting vulnerabilities in modern enterprise applications. This position requires extensive experience in penetration testing and consulting, with a focus on web, mobile, and thick-client applications.
Responsibilities
- Perform penetration tests against clients' applications including web, mobile, and thick-client
- Assist in the sales process with potential or existing clients
- Act as a client's primary technical contact for projects delivered by other consultants
- Provide subject matter expertise through research, tooling, and consulting engagements
- Rapidly learn new technologies and processes with minimal assistance
Requirements
- 10+ years of penetration testing experience
- 10+ years of consulting experience
- Experience testing web applications plus at least one of the following: internal networks, wireless networks, mobile applications, thick-client applications, embedded applications, hardware
- Programming experience in one or more of the following: Java, .Net, Python, or Ruby
- Strong understanding of networks, firewalls, protocols, routing, and security technologies
- History of presenting at regional or major security conferences
- Experience coordinating security testing projects with multiple consultants
- Effective communication and presentation skills
- The ability to lead large groups and be a primary facilitator
- Demonstrated written skills
- Drive to do research, publications, blogs, presentations, etc.
- Comfortable working in a project-based/client-serving model
- Ability to lead and shape client expectations
- Ability to help drive pursuits and engage in complex deals, matching outcomes to expectations
- Ability to work easily with diverse and dynamic teams
- Ability to self-start and work independently on projects
Preferred Technical and Professional Experience
- Experience testing GenAI applications and LLM models
- Experience with testing SaaS platforms and applications - SAP, Salesforce, Oracle
- OSCP, OSEP, OSWE, OSED, OSEE, Burp Suite Certified Practitioner, or other technical certifications
- Experience in reverse engineering software or hardware