Description
Do you love what you do for a career? Do you want to?
Urbane is seeking the most talented, driven, and intelligent in offensive and defensive security to join our Security Services teams to help secure the largest and most interesting organizations, platforms, and products in the world. From large-scale cloud platforms to the newest mobile applications; global financial processing to regional healthcare providers; cutting edge devops environments to traditional corporate enterprises - Urbane is called on to help organizations face unique, highly technical, and critical challenges.
In this role you’ll assess the unique and technical environments for both merchant and service providers for their compliance to the PCI DSS, provide clearly detailed and technical remediation guidance for any gaps, and serve as an expert resource in helping implement compliance requirements. Given your expertise and drive, you’ll face diverse challenges, including some of the most technically unique environments in the world. You’ll have the opportunity to excel independently while having an expert team drive you to achieve your best and back you up with the diverse challenges you’ll face. To back you up, you’ll have Urbane’s security services team available to provide expert technical opinion and assist with the more technical of environments.
With Urbane you’ll have the power to make a difference and face real challenges: improving environments security, advising teams on the most effective ways to address the core security problems, and address real security problems. Challenges vary week to week and provide a wealth of experience.
Sound like an exciting challenge and a cause you can get behind? Read on.
Who You Are
You should possess the following key character traits:
• Highly technical with hands-on experience in the latest technologies. You don’t just check the box, you dive into the inner workings to understand the how and why. You’ve spent time researching the technical workings of current trends in devops tools, well established cloud service providers, and legacy operating systems alike, and have pondered trust relationships between these environments. You may have even gone so far as to build your own test environments to learn how a solution handles authentication, integrity, or cryptography.
• Creative, out-of-the-box thinker who can leverage various domains of knowledge to create uniquely tailored tests and solutions for complex problems. You evaluate situations for their root cause, and consider the implications of a recommendation prior to making it.
• You’re curious by nature, intrigued by how things work, and have an appetite to find weaknesses in their design and implementation.
• You prefer building, contributing, and leading over falling in line. You’re happy to take the initiative in building a tool or resource that makes everyone’s lives easier.
• Urbane team members value developing long-term client relationships over “drop the mic” moments. You want to provide remediation suggestions that address the core issues, are sustainable, and work within the confines of the target environment.
• You’re passionate about technology and find entertainment in crazy personal projects (i.e., programming a USB Nerf gun and webcam to mess with your cat while you aren’t at home, building an enterprise-grade virtualization environment in your closet, or seeing how many neighbors think your “free” wifi is actually “free”).
• A desire to stay current with the latest technologies, attacks, and hardening strategies. You’re a regular online reader of blogs and social media for the latest in security, enjoy good conference talks, and/or contribute to interesting projects.
• Driven personality, with a desire to continuously improve, put in the hours, and deliver. You take pride in your work, and you want it to be the best you can do.
• Highly organized and detail-oriented with the ability to independently prioritize multiple projects while still balancing personal goals. You recognize when you need help, and aren’t afraid to ask for it.
• Have a strong ethical compass and an understanding of ethics in business and information security. You’ll respect scope limitations, clean up after your attacks, and never access or retain data that isn’t pertinent to the testing.
• Equally comfortable holding your own with a technical audience (especially the Unix-Beards) as well as communicating to a non-technical audience (including the C-Suite), both in writing and verbally.
• Maintain a unique and independent identity, but respect other business’ culture, including dress apparel, level of formality, and work schedules. We maintain a startup-style culture internally, while presenting a clean, elevated, and refined image to the rest of the world.
• Enjoy travel and are a self-proclaimed road warrior (up to 50% of Domestic/International travel may be required). You have (or are able to obtain) a valid US Passport and have bu