Nature, Outdoors, Scenery, Land, Landscape, Ice, Mountain, Vegetation, Snow, Cross

Cybersecurity Engineer – Penetration Tester

Cybersecurity Engineer – Penetration Tester

  • Work from home, Orlando, Florida, United States, 32821
  • IT - Security/Cyber Security
  • Full Time

We Put the World on Vacation

At Travel + Leisure Co., our mission is simple: to put the world on vacation. With a focus on vacation ownership, travel memberships, and exchange programs, we’re shaping the future of leisure travel by creating new possibilities for vacationers. Innovation and growth keep our work interesting and fun. Every day is a chance to learn something new and turn vacation inspiration into exceptional experiences for millions of travelers worldwide.

As a Penetration Tester you would be joining a team that is responsible with providing offensive security operations for our brands to proactively find risks and vulnerabilities that could put customer, employee, and business data at risk. Our goal is to utilize penetration testing, vulnerability assessments, and a risk-based methodology to provide actionable recommendations around remediation strategies and activities.

This position will be required to develop reports, visualizations, and presentations that can aid all levels of technical and business personnel in understanding risk and remediation efforts. Additionally, these actions in combination with other security teams, will aid the organization in understanding the overall risk presented to the enterprise.

How You'll Shine:

  • Conduct manual penetration tests on external/internal networks, web applications, and systems to identify weaknesses and/or vulnerabilities using approved methodologies
  • Create technical and executive written reports, detailing assessment findings and recommendations
  • Perform manual remediation testing and documentation of all remediated vulnerabilities
  • Perform network segmentation testing and technical analysis
  • Deliver briefings, written and oral, to leadership and technical staff
  • Support the technical analysis and recommendations for remediation of OS, network, and application vulnerabilities
  • Enhance the Penetration Testing program by creating and maintaining standard operating procedures, rules of engagement, automation, team members training sessions, and new team member training documents.
  • Perform manual security testing and perform physical/wireless/mobile/social engineering assessments
  • Assist in the development of red team/blue team exercises

What You'll Bring:

  • Bachelor’s degree (Computer Science or related field) or commensurate experience
  • At least three (3) years of professional penetration testing experience
  • Offensive security certifications such as: OSCP, OSWP, OSEP, OSWA, OSWE, GPEN, GWAPT, GCPN, GMOB, GAWN, Burp Suite Certified Practitioner, AWS-CSS, KLCP, LPT, eJPT (PTS), eCPPT (PTP), eWPT, eCPTX, eWPTX, eMAPT, or commensurate experience
  • Experience utilizing proven processes and industry standards, such as PTES and OWASP
  • Experience with manual attack and penetration testing methodologies
  • Up to date and familiar with the latest exploits and security trends
  • Knowledge of PCI-DSS requirements
  • Experience conducting PCI assessments and penetration tests on networks, systems, and applications
  • Experience with offensive toolsets and technologies including Kali, Metasploit, Cobalt Strike, Burp Suite, Nmap, Nikto, Dirb, etc.
  • Experience with network and web application vulnerability scanners (Tenable/Rapid7/Qualys)
  • Proficient with multiple operating systems (Windows/Linux/UNIX/MacOS)
  • Demonstrate ability to work under minimal supervision
  • Ability to resolve complex business and technical issues
  • Dedication to customer service and commitment to teamwork
  • Capable of managing multiple engagements simultaneously
  • Experience with project management and technical documentation writing
  • Excellent verbal and written communication skills
  • Strong analytical, problem-solving, and conceptual skills
  • Equivalent combination of education and progressive, relevant, and direct experience may be considered in lieu of minimum educational/experience requirements indicated above

Preferred Qualifications

  • Industry leading offensive security certifications such as: GXPN, CRTO, OSED, OSMR, OSEE, OSCE, etc.
  • Experience with segmentation testing and red team exercises
  • Familiarity with the Secure Systems Development Lifecycle (SSDLC), and secure coding practices, and automated code testing
  • Familiarity with common programing or scripting languages (Bash/PowerShell/Python/Perl/Ruby/etc.)
  • Experience with Cloud Stack (AWS/Azure/G Suite) and Containers (Docker/Kubernetes/etc.)

How You'll Be Rewarded

We offer a diverse range of comprehensive health and welfare benefits to associates who work 30 or more hours per week to meet your needs and support you throughout your career with us. Travel + Leisure Co. benefits include:

  • Medical
  • Dental
  • Vision
  • Spending accounts
  • Life and accident coverage
  • Disability
  • Voluntary income protection benefits
  • Wellness program
  • Employee Assistance Program
  • Depending on position, paid time off, parental leave and holidays (speak to your recruiter for additional information)
  • 401k with employer match (subject to eligibility requirements, including tenure - speak to your recruiter for additional information)
  • Legal and identify theft

Where Memories Start with You

Hospitality is at the heart of all we do at Travel + Leisure Co. Here, you’ll find an inclusive environment where we deliver excellence and take time to have fun, celebrate together, and support one another. We're always looking ahead to what’s next and how we can strengthen our business, its neighboring communities, and the customer experience. Join our global team and build a career where memories start with you.

We are an equal opportunity employer, and all applications will be considered for employment without attention to their membership in any protected class. If you require any reasonable accommodation to complete your application or any part of the recruiting process, please email your request to MyCareer@travelandleisure.com, including the title and location of the position for which you are applying.

Job Requisition: R-60430

Other People Viewed

Houseperson

WD_AU_RESMGT Wyndham Destinations R-62502 Surfers Paradise Queensland Australia 3018 Surfers Paradise Boulevard, Surfers Paradise, Queensland, Australia, 4000 Housekeeping Entry Level
We Put the World on VacationAt Travel + Leisure Co., our mission is simple: to put the world on vacation. Our vacation ownership brands, Club Wyndham, Worldmark, Margaritaville Vacation Club, and Shell Vacations Club, include more than 245 vacatio...

Public Area Cleaner

WD_AU_RESMGT Wyndham Destinations R-62501 Surfers Paradise Queensland Australia 3018 Surfers Paradise Boulevard, Surfers Paradise, Queensland, Australia, 4000 Housekeeping Entry Level
We Put the World on VacationAt Travel + Leisure Co., our mission is simple: to put the world on vacation. Our vacation ownership brands, Club Wyndham, Worldmark, Margaritaville Vacation Club, and Shell Vacations Club, include more than 245 vacatio...

Housekeeping Dispatcher - Wyndham Palm Aire Resort

WD_US_WVO Wyndham Destinations R-62146 Fort Lauderdale Florida United States Central Location, Fort Lauderdale, Florida, United States, 33062 Housekeeping Entry Level
We Put the World on VacationAt Travel + Leisure Co., our mission is simple: to put the world on vacation. Our vacation ownership brands, Club Wyndham, Worldmark, Margaritaville Vacation Club, and Shell Vacations Club, include more than 245 vacatio...

Alert me about jobs like this

Not You?

Thank you for your interest please submit your application on the next page.