Penetration Tester (Red Team), Information Security
Equinix is one of the fastest growing data center companies, growing connectivity between clients worldwide. That’s why we're always looking for creative and forward-thinking people who can help us achieve our goal of global interconnection. With 200 data centers in over 24 countries spanning across 5 continents, we are home to the Cloud, supporting over 1000 Cloud and IT services companies that are directly engaged in technological innovation and development. We are passionate about further evolving the specific areas of software development, software and network architecture, network operations and complex cloud and application solutions.
At Equinix, we make the internet work faster, better, and more reliably. We hire talented people who flourish solving hard problems and give them opportunities to hone new skills, try new approaches, and grow in new directions. Our culture is at the heart of our success and it’s our authentic, humble, gritty people who create The Magic of Equinix. We share a real passion for winning and put the customer at the center of everything we do.
A Red Team Penetration Tester (Pen Tester) is responsible for securing Equinix’s digital assets, through active hunting and identification of threats and vulnerabilities, in our environment, that are not detected by traditional vulnerability scanning. The Pen Tester should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications and operating system functionalities, and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
Perform network penetration, web, mobile and business application testing, source code reviews, threat analysis, wireless network assessments, OT/IoT security assessments, and social-engineering assessments
Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Effectively communicate findings and remediation strategies to business stakeholders including technical staff, executive leadership, and legal counsel
Recognize and safely utilize attacker tools, tactics, and procedures
Develop scripts, tools, or methodologies to enhance Equinix’s red teaming processes
Bachelor's degree in Computer Science, MIS, or related degree preferred
3-5 years’ experience in at least three of the following:
Network penetration testing and manipulation of network infrastructure
Web, mobile and/or business application assessments
OT/IoT security assessments
Email, phone or physical social-engineering assessments
Shell scripting or automation of simple tasks using Perl, Python or Ruby
Developing, extending, or modifying exploits, shellcode or exploit tools
Developing applications in C#, ASP, .NET, ObjectiveC, or Java (J2EE)
Reverse engineering malware, data obfuscators, or ciphers
Source code review for control flow and security flaws
Strong knowledge of tools used for wireless, web application, IoT/OT and network security testing
Thorough understanding of network protocols, ICS/SCADA/Bacnet protocols, data on the wire, and covert channels
Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell
Experienced in utilizing various SIEM (e.g. Azure Sentinel, Splunk, Elastic) and EDR (e.g. CrowdStrike, SentinelOne, Microsoft ATP) tools for threat hunting
Strong knowledge of security controls and services in AWS, GCP and Azure cloud platforms
Background and knowledge of general security concepts, such as defense-in-depth, MITRE ATT&CK framework, and security architectures
Ability to document and explain technical details in a concise, understandable manner
Ability to manage and balance own time among multiple tasks, and mentor junior staff when required
Equinix is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disability.