We are seeking a highly skilled and motivated Cybersecurity Engineer to join our global team of penetration testers and security architects. This is an exceptional opportunity to apply your expertise to HP's dynamic and diverse web application landscape, encompassing mobile, on-premises, SaaS, and product architectures.
As a Cybersecurity Engineer, you will be a central member of the Architecture & Security Engineering function, tasked with solving complex security challenges. You will have the opportunity to collaborate with stakeholders across the enterprise and play a critical role in strengthening HP’s security posture.
Key Responsibilities
Hands-On Penetration Testing
- Apply advanced penetration testing techniques to identify and mitigate vulnerabilities in HP’s web and mobile applications hosted in AWS, Azure, and GCP environments.
- Conduct in-depth security assessments of web/mobile apps, APIs, and cloud services to ensure compliance with best practices and industry standards.
Stakeholder Collaboration
- Partner with business units and application teams to ensure robust security measures are implemented during the application development lifecycle.
- Act as a trusted advisor, providing expert guidance on addressing vulnerabilities and improving security processes.
Red Teaming & Security Validation
- Participate in red team exercises to simulate real-world attack scenarios, identifying gaps and recommending actionable improvements.
- Perform detailed assessments of mobile applications and thick-client architectures to uncover critical security flaws.
Tool Utilization & Optimization
- Utilize industry-standard tools such as Burp Suite, OWASP ZAP, Acunetix, Metasploit, Nmap, Sqlmap, and MobSF for testing and analysis.
- Stay updated with the latest tools, techniques, and vulnerabilities to ensure cutting-edge security practices.
Knowledge Sharing & Process Improvement
- Contribute to the continuous enhancement of HP’s security practices by documenting findings, sharing knowledge, and mentoring junior team members.
- Proactively recommend and implement process improvements to align with evolving security standards and business needs.
Required Skills & Expertise
Deep Understanding of Application-Level Vulnerabilities
- Proficiency in identifying and addressing vulnerabilities such as XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, and other security flaws.
- Expertise in applying manual and automated techniques to detect these vulnerabilities effectively.
Hands-on experience with Security Tools
- Comprehensive knowledge of tools like Burp Suite, OWASP ZAP Proxy, Acunetix, Sqlmap, Metasploit, MobSF, and Nmap.
- Experience in leveraging these tools to conduct thorough assessments and generate actionable insights.
Added Advantages
- Participation in bug bounty programs or red teaming activities.
- Experience with mobile application testing and familiarity with advanced security concepts.
Soft Skills
- Strong communication and interpersonal skills, with the ability to work collaboratively with diverse teams.
- The analytical and problem-solving mindset with a focus on delivering practical solutions.
Educational Qualifications & Certifications
- Essential Certification. Certified Ethical Hacker (CEH).
- Preferred Experience. 2 to 5 years in an enterprise-level penetration testing environment.
- Relevant training and certifications in cybersecurity or related domains are highly desirable.
Why Join HP?
At HP, we are dedicated to creating a sustainable and positive impact on the planet and our communities. We are committed to advancing human capital development and fostering a progressive workplace environment. Joining HP means being part of a global leader with a culture that values innovation, diversity, and inclusion.
Take the next step in your cybersecurity career and make a lasting impact with HP. Together, let’s build a secure, better future for everyone.