Security Engineer II

Company: Deltek, Inc.
Location: Herndon
Posted on: January 26, 2023

Job Description:

03-Jan-2023







Senior Offensive Security Operator







US Remote





8182BR



Position Responsibilities


Deltek is looking for a Senior Offensive Security Engineer, with an extensive background in Offensive Security Operations, to join our Offensive Security team. The Senior Offensive Security Engineer will be performing full-scale end-to-end security engagements which include internal networks, external networks, web applications, mobile applications, APIs, Cloud, and other Deltek environments. This role plays a key role in managing security risk across Deltek and protecting our customers. The successful candidate will be versed in employing dynamic security assessment tools coupled with manual assessment techniques to identify security vulnerabilities across applications and internal environments to determine their exploitability. You will be responsible for working closely with various Deltek engineering teams while testing their environments. You will be providing deep security expertise and insight to correctly identify and explain security risks and vulnerabilities while working with engineering teams on remediation strategies.

This position is hands-on and requires curiosity and tenacity to deeply analyze and identify issues across applications and environments avoiding a checklist approach to application security. Deltek's broad application portfolio will challenge you with its variety of applications, technologies, and environments and you'll play a key role in strengthening Deltek. As a member of Deltek's Offensive Security Team, this role will report to the Senior Manager, Offensive Security team.
This role is US-based and 100% remote. Must be a US Citizen.

Things You Will Do:

• Design, scope, and perform offensive security engagements from planning, scoping, and execution to reporting
• Perform application penetration tests against Web, Mobile, API, and Thick Client applications to identify software security vulnerabilities in Deltek products and internal enterprise applications
• Perform vulnerability assessments, penetration tests, and adversarial operations to evaluate Deltek's Cybersecurity maturity and resiliency against attacks
• Work with external third parties and researchers to reproduce, score, and further investigate reported issues
• Assess Deltek's Cloud environments for security risks, misconfigurations as well as new service provisioning with the Cloud Team to establish security baselines and drive security assessment findings into automated security configuration of cloud services
• Thoroughly validate, document findings/Proof of Concepts, and concisely communicate with different stakeholders (e.g. Application Engineers, Management, etc)
• Maintain, develop, automate and continually integrate new attack tactics and tools; monitor and search for new threat tactics and vectors, integrating them into your attack toolkit
  
  
  Qualifications
  
  Minimum Requirements: Bachelor's Degree in Computer Science/Information Technology, Cybersecurity or equivalent work experienceAt least 5 years of security engineering experience, including red teaming, penetration testing, threat and vulnerability assessmentsStrong experience with different application technologies and frameworks (e.g. Java, .Net, C#)Strong experience in Web, Mobile, Thick Client and API application penetration testsExcellent communication and data presentation skills to clearly and effectively communicate information to stakeholders, both internally and externallyProgramming experience in Python, C/C++, JavaScript, .NET or other interpreted or compiled languagesAbility to collaborate with application developers to understand application surfacesOne or more hands-on practical Offensive Cybersecurity certifications or trainings (OSCP, OSWE, eCPPT, eCPTX, eWPT, WAPTX, GIAC etc)Knowledge of Cloud security principlesStrong Network and Application security conceptsPrior experience conducting adversarial emulations, a plus
  
  
  
  Travel Requirements
  
  No
  
  
  
  Company Summary
  
  As the leading global provider of enterprise software and information solutions for project-based businesses, Deltek helps organizations of all sizes maximize productivity and revenue. Our market leadership stems from the work of our diverse employees who are united by a passion for learning, growing and making a difference. At Deltek, we take immense pride in creating a balanced, values-driven environment, where every employee feels included and empowered to do their best work. Our employees put our core values into action daily, creating a one-of-a-kind culture that has been recognized globally. Thanks to our incredible team, Deltek has been named one of America's Best Midsize Employers by Forbes, a Top Workplace by The Washington Post and a Best Place to Work in Asia by World HRD Congress. www.deltek.com
  
  
  
  EEO Statement
  
  Deltek, Inc. is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.
  
  
  
  E-Verify Statement
  
  Deltek, Inc., utilizes the E-Verify program with every potential new hire. This makes it possible for us to make certain that every employee who works for Deltek is eligible to work in the United States. To learn more about E-Verify you can call 1-800-255-7688 or visit their website by clicking the logo below. E-Verify is a registered trademark of the United States Department of Homeland Security.
  
  
  
  Applicant Privacy Notice
  
  Deltek is committed to the protection and promotion of your privacy. In connection with your applicatio

Keywords: Deltek, Inc., Germantown , Security Engineer II, Other , Herndon, Maryland