The Elevator Pitch: You are the cool kid who gets paid to break into networks, systems, and applications legally. Along the way, you may make use of any open-source penetration tools or you may design some of these tools yourself. Your work helps VMware to become more secure against potential cyber-attacks and has a significant impact on security risk to VMware and its customers. What is the primary need, technical challenge, and/or problem you will be responsible for? With our growth of technology offerings and cloud services footprint, we must increase penetration testing in order to discover existing vulnerabilities and logic flaws that may be hidden in VMware applications and infrastructures. You will be part of the Red team to conduct security tests, review findings, and suggest corrective actions with the concerned teams and management. Success in the Role: What are the performance goals over the first 6-12 months you will work toward completing? You will assess and approve firewall change requests within SLA You will validate and provide risk assessment on security issues reported by external researchers within 48 hours You will partner with team members to conduct a minimum of 5 penetration tests You will provide remediation support on penetration test findings What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis? Perform security testing to identify weaknesses and countermeasures and providing timely assessment reports to key stakeholders Conduct attack surface reviews and recommend layered defenses to prevent exploits, detect and intercept attacks, and discover threat agents Perform complex security test data analysis in support of security vulnerability assessment processes, including root cause analysis Monitor vulnerability disclosure mailing lists and threat intelligence feeds to identify and triage new threats and vulnerabilities targeting VMware Serve as an escalation point on issues, dependencies, and risks related to security testing and vulnerability management. What is the leadership like for this role? What is the structure and culture of the team like? The hiring manager has 15 years’ experience in a variety of roles in information security. He started his career as a software engineer from developing low-level device drivers to modern web applications. He then took his engineering background to the information security field where he focused on data loss prevention, vulnerability management, and penetration testing. His management philosophy is about encouraging everyone on the team to be an independent thinker and working smart instead of working long. Currently, the Red team is made up of 8 highly skilled pen testers who come from diverse technical backgrounds, but have a common passion for breaking into applications and systems before attackers do. What are the benefits and perks of working at VMware? You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting www.benefits.vmware.com. Employee Stock Purchase Plan Medical Coverage, Retirement, and Parental Leave Plans for All Family Types Generous Time Off Programs 40 hours of paid time to volunteer in your community Rethink's Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities Financial contributions to your ongoing development (conference participation, trainings, course work, etc.) Healthy and local inspired snacks in all our on-site pantries Due to the Biden Administration issuing an Executive Order (EO) that effectively mandates COVID-19 vaccination for all U.S. based employees of federal contractors and subcontractors, all U.S. based VMware employees will be required to have their final vaccination dose (e.g., second dose of Pfizer or Moderna, or single dose of J&J) by January 4, 2022. Specifically, this means that all U.S. based VMware employees will need to be fully vaccinated by January 18th, 2022, or by their first date of employment if after that date, subject to legally required accommodations. Category : Engineering and Technology Subcategory: Information Security Experience: New Graduate Full Time/ Part Time: Full Time Posted Date: 2021-10-01 VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com. Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.