Consulting Director - Penetration Tester

| Chicago, IL
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Job Summary
CNA's Red-Team reduces cyber risk by uncovering vulnerabilities and weaknesses in the enterprise cyber environment through coordinated ethical hacking and penetration testing scenarios. This position works closely with team members to plan, coordinate, execute and report on sophisticated ethical hacking exercises, to identify cyber vulnerabilities and reduce the risk posture of enterprise systems. This role will be primarily responsible for performing infrastructure, application, OS security assessments, and social engineering attacks and will make recommendations to management on effective countermeasures.
The successful candidate for this position will be part of an exciting and dynamic environment to help build and deliver industry leading ethical hacking capabilities to continuously protect and defend CNA employees, brand, systems, and data. Red-Team is part of the InfoSec Operations organization and assists with identifying opportunities to enhance CNA's information security posture against a broad range of cyber threats, and develop strategies to most effectively address the threats.
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:
  • Leads and contributes to Red-Team's Tactics Techniques and Procedures (TTPs) knowledge base.
  • Demonstrates subject matter expertise of penetration testing techniques and methodologies.
  • Develops and customizes payloads specific to the environment software version or for evasion of defensive technologies related to mobile applications.
  • Performs penetration testing of infrastructure applications and related technologies (API endpoints databases payment etc.).
  • Assesses CNA's security policies standards and practices and help mature corporate security standards.
  • Assists triage and test application and/or infrastructure responsible disclosure findings and newly disclosed vulnerabilities.
  • Communicates findings attack paths and recommendations to technical non-technical and senior leadership through written reports and verbal presentations.
  • Works with technology teams to improve CNA's threat profile.
  • Works with developers to improve SDLC for applications as needed.
  • Mentors SecOps team members to develop additional depth in offensive security practices.Develops scripts tools techniques and methodologies to improve the overall ability of the team to deliver high-quality tests.
  • Employs advanced internal networks wireless networks mobile applications thick-client applications embedded applications or hardware penetration testing techniques.
  • Acts as a primary technical contact for IT and development teams to remediate findings.

May perform additional duties as assigned.
Reporting Relationship
Typically AVP or above
Skills Knowledge & Abilities
  • Proficient with the common tools associated with penetration testing (Metasploit Burp Suite Cobalt Strike etc.)
  • Ability to effectively code in a scripting language (Python Perl etc)
  • Ability to work independently and function effectively as part of a team in a dynamic environment

Education & Experience
  • Bachelor's Degree in Computer Science Information Technology or related discipline or equivalent work experience.
  • Typically a minimum of ten years of information security experience (red teaming cloud security application security or network security)
  • Typically a minimum of two years of experience with threat modeling concepts and frameworks (CVSS MITRE ATT&CK DREAD or STRIDE)
  • Typically a minimum of six years of experience with scripting or compiled languages
  • Typically a minimum of six years of penetration testing experience
  • Applicable certifications preferred (OSCP OSCE OSWP CMWAPT GPEN GWAPT GMOB GAWN GXPN GCIH or CPT)
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • .NETLanguages
    • JavaLanguages
    • JavascriptLanguages
    • KotlinLanguages
    • PerlLanguages
    • PythonLanguages
    • RLanguages
    • SqlLanguages
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • AngularJSFrameworks
    • Node.jsFrameworks
    • SpringFrameworks
    • AccessDatabases
    • DB2Databases
    • Microsoft SQL ServerDatabases
    • MySQLDatabases
    • OracleDatabases
    • PostgreSQLDatabases
    • Google AnalyticsAnalytics
    • ConfluenceManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • SalesforceCRM
    • SendGridEmail
    • MarketoLead Gen

What are CNA Perks + Benefits

CNA Benefits Overview

One of the many advantages of working at CNA is the benefits program we offer you and your eligible dependents,
beginning on the first day of your employment. The program features a variety of plans that provide health care
benefits, well-being, disability and survivor protection, and 401(k) savings, among others. Below are highlights
of the offerings.

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Open door policy
Team owned deliverables
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Diversity Employee Resource Groups
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Onsite Gym
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Adoption Assistance
Vacation & Time Off Benefits
Generous PTO
Paid Holidays
Paid Sick Days
Perks & Discounts
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Online course subscriptions available
More Jobs at CNA165 open jobs
All Jobs
Finance
Data + Analytics
Dev + Engineer
HR + Recruiting
Internships
Legal
Marketing
Operations
Product
Project Mgmt
Sales
Content
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Sales
new
Lake Mary
Sales
new
Minneapolis–Saint Paul, MN
Sales
new
Philadelphia, PA
Sales
new
Chicago, IL
Operations
new
Dallas-Fort Worth, TX
Finance
new
Philadelphia, PA
Operations
new
Atlanta, GA
Data + Analytics
new
Lake Mary
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Content
new
Houston, TX
Data + Analytics
new
Chicago, IL
Operations
new
Lake Mary
Operations
new
Lake Mary
Finance
new
Dallas-Fort Worth, TX
Marketing
new
Chicago, IL
Operations
new
Wyomissing
HR + Recruiting
new
Chicago, IL
Finance
new
Kansas City, MO
HR + Recruiting
new
Chicago, IL
Finance
new
Chicago, IL
Operations
new
Minneapolis–Saint Paul, MN
Data + Analytics
new
Detroit, MI
Developer
new
Chicago, IL
Operations
new
Phoenix – Mesa – Scottsdale, AZ
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Project Mgmt
new
Chicago, IL
Developer
new
Chicago, IL
Finance
new
Minneapolis–Saint Paul, MN
Data + Analytics
new
Chicago, IL
Operations
new
Chicago, IL
Sales
new
New Orleans, LA
Data + Analytics
new
Chicago, IL
Finance
new
Philadelphia, PA
Product
new
Chicago, IL
Finance
new
Dallas-Fort Worth, TX
Finance
new
Chicago, IL
Marketing
new
Chicago, IL
Operations
new
Lake Mary
Finance
new
Dallas-Fort Worth, TX
Data + Analytics
new
Chicago, IL
Finance
new
Chicago, IL
Developer
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Sales
new
Philadelphia, PA
Developer
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Operations
new
Lisle
Operations
new
Chicago, IL
Operations
new
Lake Mary
Operations
new
Lake Mary
Operations
new
Sioux Falls
Data + Analytics
new
Chicago, IL
Operations
new
Lake Mary
Operations
new
Lisle
Operations
new
Miami, FL
Sales
new
Lake Mary
Data + Analytics
new
Chicago, IL
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Finance
new
Chicago, IL
Finance
new
Chicago, IL
Finance
new
Chicago, IL
Finance
new
Chicago, IL
Operations
new
Dallas-Fort Worth, TX
Finance
new
Dallas-Fort Worth, TX
Content
new
Minneapolis–Saint Paul, MN
Internships
new
Wyomissing
Operations
new
Wyomissing
Finance
new
Chicago, IL
Internships
new
Chicago, IL
Sales
new
Philadelphia, PA
Operations
new
Sioux Falls
Sales
new
Melville
Data + Analytics
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Operations
new
Sioux Falls
Operations
new
Wyomissing
HR + Recruiting
new
Chicago, IL
Developer
new
Chicago, IL
Operations
new
Chicago, IL
Operations
new
Lisle
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView CNA's full profileSee more CNA jobs