Security Assessment Engineer II
Security Assessment Engineer II defines and implements creative techniques to protect Paychex's critical assets against the constantly changing threat landscape. The role is akin to a Penetration Tester who works closely with engineering teams to assess the threat landscape, design, build, and perform ethical hacking exercises. They make decisions around the commercial/open source security testing tools that we add to our security testing process and use their knowledge of tools and processes to expose common vulnerabilities. They are also responsible for testing the overall security of web applications, servers, and critical infrastructure devices. This includes reviews to ensure compliance with internal policies and industry standards.
- Perform application and infrastructure penetration tests to uncover technical vulnerabilities before they are exploited.
- Ensure that identified vulnerabilities are entered into a Vuln Mgmt Lifecycle, prioritized, and addressed in an appropriate timeframe.
- Compile and produce technical reports that include suggested resolution for identified problem areas and relay results to non-IT personnel.
- Perform physical security reviews and social engineering tests to determine security readiness of Paychex facilities and personnel.
- Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS).
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets.
- Lead training and shadowing activities representing the Security Assessment team, including document/slide creations and presentations.
- Learn and maintain ALL security assessment tools in Production and in the VA Test Lab, including hardware and appliance maintenance.
- Other duties as assigned to support the general purpose of the position's function.
- Bachelor's Degree in Security or another related discipline .
- 7 years of experience in Linux, Solaris, Windows, AIX, Oracle, SQL Server, PostgreSQL, MySQL.
- 3 years of experience in Network or wireless design and management.
Paychex, Inc. (NASDAQ: PAYX) is a leading provider of integrated human capital management solutions for payroll, HR, retirement, and insurance services. By combining its innovative software-as-a-service technology and mobility platform with dedicated, personal service, Paychex empowers small- and medium-sized business owners to focus on the growth and management of their business. Backed by more than 40 years of industry expertise, Paychex serves approximately 590,000 payroll clients across 100 locations and pays one out of every 15 American private sector employees. Learn more about Paychex by visiting www.paychex.com, and stay connected on Twitter and LinkedIn.