About AppGate Appgate brings together a set of industry-leading cloud- and hybrid-ready cybersecurity and analytics solutions and services to solve the secure access challenges faced by today's modern digital enterprises.
Appgate delivers the industry's leading universal Zero Trust Network Access and software-defined perimeter solutions, a suite of Risk-Based Authentication and Digital Threat Intelligence & Protection solutions leveraging innovative threat analytics, prevention, detection, and management capabilities, as well as specialized Threat Advisory Services providing a range of offense-oriented adversary simulation, evaluation, and analytics capabilities.
Today, these solutions and services secure access for more than 600 organizations in over 40 countries.
Appgate solutions and services' capabilities include: A highly differentiated, context-aware, and identity-centric secure access control solution using a direct-routed architecture to deliver universal Zero Trust Network Access that scales across complex hybrid environments to transform networks, harden cyber defenses, cut costs, and boost operational efficiencies Multi-channel solutions for dynamic context adaptation based on risk assessment and authentication user and device connections to digital services Proactive threat identification to assess and mitigate risks, detect anomalies, and enhance access controls to strengthen security postures, prevent unauthorized access, and more effectively protect sensitive data, workforces, and resources Specialized consulting services delivered by an elite team of security engineers that can simulate nation-state level adversaries to help organizations identify vulnerabilities in access controls, authentication mechanisms, and user permissions, and provide guidance to strengthen security postures and enhance secure access About the Position Responsibilities Perform in-depth web application audits (common), network penetration tests (common), source code analysis (common), cloud-based security/configuration reviews (common), hardware assessments (less common), cloud-based penetration tests (less common), mobile penetration tests (common) across multiple industries and environments.
Create detailed penetration test reports in the English language (detailing the steps that were taken to exploit the issues and provide actionable remediation suggestions).
Create/script tools and exploits during the engagement to demonstrate a vulnerability with proof or write meaningful test cases (to test all attack theories).
Take a hands-on approach to penetration testing.
Very little automation is used (we take very deep dives into our targets to provide the best results).
Work with other team members on client assessments.
We are a team and work best as a group.
It is very rare to have a solo engagement.
Contribute to in-house written tools (Python) to aide in the penetration testing process.
Work with clients, participate in calls for scoping, kick-offs, and findings, to communicate the scope, status, results, and remediations, and support the smooth progress of the tests; escalate issues when needed Experience and Qualifications Capable of performing in-depth penetration tests (including tests that are 2-3 week duration) for Web Applications, Source Code Auditing, Network Penetration tests, Mobile Penetration Tests, and Cloud-based configuration review.
Strong understanding of vulnerabilities and mitigation controls Good attention to detail and ability to complete tasks by the deadline Capable of focusing on clearly defined objectives when the client requires Well organized and ability to work autonomously Technical curiosity and self-starter Capable of creative thinking to generate and test attack theories to detect vulnerabilities based on your understanding of the targets.
Commitment to the cybersecurity discipline and willingness to support the rest of Appgate, when needed.
Willing to share knowledge with the team or act as a mentor in areas of strength and expertise (as the team will share knowledge with you).
