Penetration Tester

Requisition ID: 60938**Location**:Tijuana, Baja California, MexicoFunction: Information TechnologyWork is no longer a place. It’s what you do. And how you do it. More fluid, more flexible, powered by your imagination and by some amazing technologyThat’s where we come in. We are Poly. We outfit you with beautifully designed and engineered audio and video products so that YOU can do YOU. Wherever and whenever.Join us as we pursue our disruptive vision to bring professional audio and video meeting technology and services to everyone. Be a part of our journeyWe are looking for a strong Penetration Tester, you will be working with the engineering team to perform vulnerability assessments and penetration tests against a broad range of Poly products and services and assist them in the interpretation and remediation of common software security weaknesses. You will also work with QA, product/program management, and product compliance team supporting them throughout the software development life cycle (SDLC).**Your day to day**- Conduct vulnerability assessments, attack surface analysis and penetration tests against Poly products and IT infrastructure- Raise defects/tickets for each vulnerability found- Drive defect closure to ensure they are fixed according to Poly’s internal deadlines- If necessary, be able to create a working exploit to demonstrate the severity of the vulnerabilities- Help the extended security team respond to customer inquiries regarding product security- Coordinate with third-party penetration test vendors to assess the security of Poly products and services- Contribute to the development of information and product security policies, standards and guidelines related to product and cloud security- Conduct security research to stay abreast of emerging security threats and industry best practices and advise the organization of potential risks and threat mitigation techniques**What you bring to the team**- Experience with one more vulnerability scanners and penetration testing tools - Nexpose, Nessus, Qualys, BurpSuite, OWASP ZAP, Nmap, Metasploit- Scripting experience (bash, python )- Experience with common software security weaknesses (CWE) and their mitigations- Experience penetration testing both Azure and AWS environments- 5+ years of information security experience with an emphasis in penetration testing- Bachelor’s degree in Computer Science or related field- Experience conducting security reviews on embedded systems or IoT devices- Experience conducting security code reviews (especially for Java)- Any other Offensive Security certifications- Embedded (Linux or Android) product development experience a plus- Experience with one or more data security standards: Common Criteria, FIPS, ISO, PCI, HIPAA, FISMA, etc.**Our Culture**At Poly, leadership principles aren't just something we talk about, they're something we live and breathe. We believe in creating a work environment where people feel empowered, supported, and included -where trust and transparency are built into the way we work - where creativity, curiosity, and continuous improvement are encouraged and nurtured every day.- **C3 - Customer. Customer. Customer**: Customer obsession is everyone’s job. You enjoy solving customers’ problems - big or small. You work closely with customers, channel partners and their teams to deliver innovative solutions.- **Raise the Bar**: You take pride in your work and know details matter. You know that shavings make a pile. You seek every opportunity to continuously improve teams, products, and processes.- **Communicate Courageously**: You speak with candor but aren't a jerk. You constructively challenge your teammates to get to the best possible outcome or decision. Once a decision is made, you fully align and stay aligned.- **Onward and Upward**: You learn from the past but focus on the future. You rapidly adapt to changes in the marketplace. You help to create solutions that move the company forward with energy, momentum, and results.- **Own It**: You know your business, your customers, and your team - inside and out. You don't sacrifice long-term value for short-term results. You act with integrity, spend money like it’s your own, and put Poly first.- **Take the Leap**: Speed matters in business. You encourage and require those around you to think strategically and act decisively. Poly values calculated risk taking.- **Ride Together**: We are one team. We do what we say we’ll do, we treat each other with respect, we have each other’s back, and we hold each other accountable.- **Leaders Lead**: You know you are part of a larger global community and make decisions as good stewards of the earth, its resources and its people.**Our Commitment as an Equal Opportunity Employer**All qualified applicants will receive consideration for employment without regard to sex, gender identity or expression, race, age, religious creed, national orig