Offensive Security Manager – Product Security M4 – Avalara

Titulo da Vaga: Offensive Security Manager – Product Security M4

Localização: Brasil

Descrição da Vaga: Job Description:What You’;ll DoAvalara’s Product Security organization is looking for a Penetration Testing Senior Manager to lead our Offensive Security team. In this role you will be responsible for leading a team of highly skilled penetration testers whose mission will be to conduct offensive pen-testing activities against our microservices, applications, infrastructure, data-layer and AI-based services. You will work closely with our engineering groups to define pen-test scope, schedule, lead assessment engagements, and map assessment findings into engineering plans for remediation, ultimately guiding our product security uplift activities.This is a unique opportunity to make real impacts on our overall security posture, define the strategic direction and evolution of our assessments team, and help Engineering improve our security designs for our next generation of systems and services.This role will report to the VP of Product Security. What Your Responsibilities Will BeLead, manage, and develop our geographically distributed offensive security and pen-test team. Mentor and teach junior pen-testers on TTPsManage and organize pen-test preparation and scheduling activities for in-house and out-ofhouse white-box and grey-box assessment activities.Create written assessment reports for both engineering and IT consumersValidate, refine, and defend the offensive security team’s work productOversee Avalara’s responsible disclosure programs (RDP) and bug-bounty programsBe a subject matter expert and ambassador to Avalara Engineering in the areas of secure coding practices, penetration testing, and all other aspects of application, AI, and infrastructure securityWhat You’ll Need To Be SuccessfulBasic Qualifications:  Hold an Offensive Security Certified Professional (OSCP) certification3-5 years of management experience, and 12+ years overall of security assessment experience Have a formal knowledge of attack vectors, exploits and mitigations, and be able to verbalize Tactics, Techniques and Procedures (TTPs) related to carrying out security assessments  Prior experience scoping and performing pen-testing of applications, and microservices based environments, from limited to full scope across a wide range of API &; UI technology stacks, public cloud and infrastructure. Ability to problems solve and make complex analytical decisions with less than full information in ambiguous situations and environments   Good conversation level, Strong verbal and written English communication skills  Preferred Qualifications:  Prior experience leading distributed assessments teams over multiple international locations, working with in-house engineering organizations Understanding of secure SDLC/CICD software lifecycle and QA processes, and software security architecture principles Familiarity with hacking applications resident in AWS, OCI and GCP public cloud providers, plus private cloud equivalent service layers Experience with performing AI assessments and OWASP AI LLM Top-10 AI-based pen-testing How We’ll Take Care Of YouTotal Rewards In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses. Health &; Wellness 
Benefits vary by location but generally include private medical, life, and disability insurance. Inclusive culture and diversity 
Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship. What You Need To Know About AvalaraWe’re defining the relationship between tax and tech.We’ve already built an industry-leading cloud compliance platform, processing over 54 billion customer API calls and over 6.6 million tax returns a year. Our growth is real – we’;re a billion dollar business – and we’re not slowing down until we’ve achieved our mission – to be part of every transaction in the world.We’re bright, innovative, and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. We’ve been different from day one. Join us, and your career will be too.We’re An Equal Opportunity EmployerSupporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.

Nome da Empresa: Avalara

Salário:

Candidatar-se a vaga!