Synack is hiring a

Senior Security Analyst

Austin, United States

Imagine a world dedicated to Security Without Compromise. Synack, headquartered in Silicon Valley with regional offices around the world, has protected over 100 global organizations by reducing companies’ security risk and increasing their resistance to cyber-attack. How do we do this? By utilizing the world’s best and most trusted team of ethical hackers who test through our powerful and controlled platform to deliver real security without compromise. At Synack, we aren’t afraid to think outside the box or take on big challenges. Backed by top-tier venture capital firms including Kleiner Perkins Caufield & Byers, Microsoft, and Google Ventures, Synack's mission is to leverage global security talent coupled with advanced technology to help enterprises discover security vulnerabilities before they become business problems. Discover the possibilities at Synack!

As a member of our Vulnerability Operations team, you will have no shortage of interesting vulnerabilities to look at and learn from.  In this role, you will be responsible for analyzing vulnerabilities and reporting these threats in real-time to our customers. If you would like to work alongside security experts and tackle tough security challenges, keep reading...

Here’s what you'll do

  • Technical Communication - Interface with our crowd of hackers, the Synack Red Team, to ensure alignment between their efforts and the security needs of our customers, assist with technical issues, and prepare and launch successful security assessments
  • Client Communication - Be the InfoSec technical expert while assisting project managers during client communication, ensuring security assessments run smoothly and exceed expectations
  • Validating results - Validate the vulnerabilities discovered by the Synack Red Team by replaying researcher provided proof of concept exploits against our client’s targets, and then proofread vulnerability reports before they are delivered to our clients

Here's what you'll need

  • Bachelor’s degree in Computer Science or related field (Or equivalent work experience)
  • Must have 2+ years of experience as a Security Analyst, Infosec Consultant, Penetration Tester, or in a similar role. Penetration testing experience is the most applicable experience for being successful at this role
  • Operational knowledge of web applications and their potential vulnerabilities as well as how to exploit them and mitigate them
  • The proven ability to leverage your knowledge of common network, mobile and web application penetration testing tools
  • A clear understanding of the OSI model, TCP/IP and industry-standard defensive concepts
  • Awareness of best practices, information security risk management, and industry trends
  • A working knowledge of industry standards such as CVSS
  • Bug bounty experience is a plus
  • Web Application penetration testing experience is a huge plus
  • OSCP, CEH, Security+, CISSP, or any GIAC certifications are a plus. Certifications focused on penetration testing are preferred.
  • Programming/scripting experience is a plus, but not required

It’s all hands on deck, it’s hard work, it’s winning, it’s Synack. Join us!

Synack is committed to embracing diversity. Our people are our strength.  Each addition to our team is an opportunity to grow and diversify our ideas, experiences, and viewpoints. We strive to be inclusive of Race, Ethnicity, Religion, Sex, LGBTQ+, Veterans, Disabilities, and Age.  Synack welcomes you!