We're looking for motivated hackers to join our team
- Improve vulnerability management lifecycle processes, including Discovery, Assets Prioritization, Vulnerability Assessment, Reporting, Remediation, and Validation
- Drive program maturity, reducing the time to vulnerability remediation by integrating technology platforms, automating processes, providing actionable vulnerability remediation guidance
- Scope, plan, facilitate, and perform Vulnerability Assessment and Penetration Testing technical assessments
- Research emerging threats and malicious actor tactics, techniques, procedure (TTPs), system vulnerabilities, and key indicators of exploits across diverse technologies and rapid changing environments, including on-premise/cloud infrastructure to determine risk rating of vulnerabilities to business assets
- Build relationships and break down barriers between teams.
- Serve as an advisor, raising awareness of vulnerabilities, exposure, and business impact to enterprise systems.
- Oversee the Bug Bounty program.
- Experience with Kubernetes ecosystem tools like Prisma, Aqua, StackRox, Clair, Anchore, Vault, Calico, OPA, Istio, Envoy, Prometheus, Fluentd, Operator Framework
- Penetration testing and code review (including DAST and SAST; experience with JAVA environments plus AngularJS tool familiarity is highly preferred).
- Understanding security fundamentals and common vulnerabilities (e.g., OWASP Top Ten) in addition to more modern web app and enterprise app vulnerabilities
- Threat emulation in a Cloud native environment.
- Additional experience in IT, security engineering, system and network security, authentication and security protocols, and/or applied cryptography
- Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Federal and industry regulations understanding (ISO 27001, HIPAA, FISMA Moderate)
- Strong communication skills (i.e., written and verbal)
- Prior experience with software development/engineering with either a full-stack or backend development focus is highly preferred
- OSCP/E, GWAPT, GPEN, or GXPN certifications are helpful, but not a necessity.
Physical Demands and Working Conditions
- Must be able to work well with people.
- Ability to operate a computer and work at a desk for extended periods of time.
- Ability to communicate effectively in writing, in person, over the telephone and in e-mail.
Why work here?
BFS is a place where Exceptional Teams come together to do their
best work. Hiring Exceptional Teams, including the best talent in
our industry, is a core value of ours. BFS employees are
surrounded by intelligent, motivated individuals every day. We
like to call it #TheBestTeamOnThePlanet.
We value every employee and their contribution to what makes BFS successful. We give right back to the employee through a generous benefits package, great flexibility, and continuous opportunities for advancement.
Not only do we hire Exceptional Teams, but we work hard to keep them here by developing and challenging their skillsets, encouraging professional development and growth, and offering a culture that can't be found elsewhere. Which is why we say - #WhyWorkAnywhereElse
To put it simply, working at is fun, challenging, and rewarding. From our Fitness Clubs to our awards programs, from our company parties to our competitive benefits, you can't really go wrong. BFS could be your next (and last) career move!
We are growing quickly and always looking for talented individuals to add to #TheBestTeamOnThePlanet
Here are some of the benefits BFS employees enjoy:
- Generous PTO package of three weeks, increasing after just three years of employment
- Competitive compensation with annual merit increase reviews
- 100% medical premium coverage (yes, you read that right!)
- Dental/Vision Plans
- 401k Plan
- Employer Paid Life Insurance Policy ($50, 000)
- Great Flexibility
- Wellness Programs (every employee gets a Fitbit!)
back to careers