Senior Penetration Tester

Full Time
New York, NY
Areas of Interest: Test and Evaluation, Threat Analysis, Vulnerability Assessment and Management
report a problem

Bloomberg harnesses the power of information for people who want to change the world. Whether they’re in business, finance, government, policy or philanthropy, we help our clients turn data into insights so they can cut through complexity to solve challenges great and small.

We protect Bloomberg.

The Penetration and Security Analysis Team is trusted as an authoritative internal resource for Bloomberg; we put security risks in context in order to help meet business goals. Each of us are specialists in application, network, and data security. On any given day we're performing penetration tests on both third party, internal applications, and networks while evaluating processes, network design and access controls.

You'll be trusted to conduct security assessments from start to finish with minimal assistance. You'll tap into your 'security instincts' to breakdown complicated technical issues and the risks they pose to programmers, network engineers, system administrators and management. Through collaboration with those teams you'll ensure correct design, development and implementation of internal and customer facing projects. Performing active assessments of the Bloomberg DMZ, Bloomberg customer network and Bloomberg corporate network and developing proof of concept exploit code to demonstrate severity of findings to all of the above will be second nature to you.

While deep technical skills are critical to success with us we're also looking for fast learners who are passionate about cyber security and are constantly researching to stay ahead of the newest threats. You should be analytical and love to problem solve. Teamwork is key so it's important you know how to collaborate and be a great teammate.

You need to have:

  • Led and performed penetration testing on large enterprise Windows networks
  • Driven the "fix it" phase of penetration testing
  • Consistent record of discovering, analyzing and exploiting application vulnerabilities and misconfigurations on Windows platforms
  • Experience assessing and hardening Active Directory and Group Policy and knowledge of cutting edge security features of Microsoft Windows
  • Ability to adapt existing exploits or advisories into robust exploits specific to the Bloomberg environment
  • Familiarity with cutting edge trends in vulnerability analysis, exploit development and vulnerability discovery
  • Intimate knowledge of Windows internals, especially those relevant to authentication and access control and other facets of security
  • Ability to read, write, and audit C or C++
  • Proficiency in at least one scripting language (bash, perl, python, powershell, etc.)
  • Experience with development of custom toolsets when necessary
  • Strong Windows system administration and security assessment skills
  • Familiarity with auditing techniques for MSRPC and ActiveX interfaces
  • Familiarity with historical vulnerabilities in common operating systems (Windows, Solaris, Linux)
  • Excellent understanding of secure data storage and transport implementations (PGP/SSH/SSL/IPSEC/etc.)
  • Deep understanding of low level TCP/IP networking and common protocols such as RADIUS, LDAP, KERBEROS, etc.
  • Knowledge of secure network design
  • Experience analyzing network traffic captures using tools such as tcpdump, wireshark, etc.

We'd love to see:

  •  Experience participating as a member of a red team
  •  Experience working with BMC Bladelogic and HP Openview
  •  Proficiency in using IDA Pro, Ollydbg/Immdbg, Windbg and/or other software analysis/debugging tools
  •  Proficiency in reading at least one dialect of assembly
  •  Familiarity with modern malware

If this sounds like you:Apply! If we think you are a good match we'll get in touch to let you know the next steps.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.


Share this job:

Bloomberg LP

Bloomberg, the global business and financial information and news leader, gives influential decision makers a critical edge by connecting them to a dynamic network of information, people and ideas. The company’s strength – delivering data, news and analytics through innovative technology, quickly and accurately – is at the core of the Bloomberg Professional service, which provides real time financial information to more than 320,000 subscribers globally. Bloomberg’s enterprise solutions build on the company’s core strength, leveraging technology to allow customers to access, integrate, distribute and manage data and information across organizations more efficiently and effectively. Through Bloomberg Law, Bloomberg Government, Bloomberg New Energy Finance and Bloomberg BNA, the company provides data, news and analytics to decision makers in industries beyond finance. And Bloomberg News, delivered through the Bloomberg Professional service, television, radio, mobile, the Internet and two magazines, Bloomberg Businessweek and Bloomberg Markets, covers the world with more than 2,430 news and multimedia professionals at 146 bureaus in 73 countries. Headquartered in New York, Bloomberg employs more than 15,500 people in 192 locations around the world.
financial data, analysis, media, news
Visit Bloomberg LP's Social Media pages:
Company Industry: Financial Services
Company Type: Privately Held
Company Size: 10,001+