Senion Penetration Tester : Endpoint Client Security

Job Description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Description: We are seeking a skilled Penetration Tester to assess and enhance the security of our cross-platform executable Qualys Cloud Agent. This agent is responsible for system monitoring, data collection, and secure communication with a cloud platform. Operating across Unix, Windows, and macOS environments, the agent plays a critical role in our security and compliance solutions. The ideal candidate will uncover vulnerabilities, simulate attack scenarios, and work with our teams to fortify the system against threats. Key Responsibilities: Cross-Platform Agent Testing: Conduct comprehensive security testing of the executable agent, ensuring robust functionality across Unix/Linux, Windows, and macOS platforms. Identify and exploit vulnerabilities in the agent?s runtime behavior, system interactions, and interprocess communications. Test agent privilege management and evaluate risks of escalation or exploitation. Data Collection and Handling: Analyze the agent?s data collection mechanisms to ensure data privacy and integrity. Validate proper implementation of sensitive data redaction and secure storage practices. Communication Security: Test the agent?s secure communication mechanisms with the cloud server, focusing on: Encryption (TLS/SSL, public key cryptography). Authentication and session management. Mitigation of threats like MITM, replay attacks, and DNS spoofing. Reverse Engineering and Exploitation: Perform binary analysis to identify vulnerabilities in the agent's implementation. Reverse engineer agent components to assess the effectiveness of tamper-proofing mechanisms and embedded security features. Simulate advanced threat scenarios, including code injection and runtime manipulation. System Security Evaluations: Assess the agent?s impact on host system security, ensuring it does not inadvertently introduce risks (e.g., open ports, exploitable configurations). Evaluate installation, update, and self-defense mechanisms for tamper resistance and exploitation risks. Reporting and Remediation: Provide detailed vulnerability reports with proof of concept (PoC), risk impact assessments, and actionable remediation steps. Collaborate with development team to address vulnerabilities and validate fixes Contribute to improving secure development practices and robust agent design. Required Qualifications: Technical Expertise: In-depth knowledge of penetration testing methodologies for executable agents, system processes, and OS-specific security models (Windows, Unix/Linux, macOS). Proficiency in network security and cryptographic protocol testing. Strong background in reverse engineering tools and techniques Tools & Scripting: Scripting skills in Python, Bash, PowerShell, for creating custom tests. Hands on experience with proxy solutions ex Burp or Fiddler Experience: Proven track record of assessing software agents or similar system monitoring tools. Familiarity with common vulnerabilities, including CVEs related to agent-based applications. Experience working with security tools or platforms similar to Qualys Agent. Certifications (Preferred): OSCP, OSWE, CEH, GPEN, or equivalent cybersecurity certifications. Relevant cloud certifications such as AWS Security Specialty, Azure Security Engineer Associate. Preferred Qualifications: Hands-on experience with agent technologies similar to Qualys Cloud Agent. Familiarity with cloud architecture, APIs, and integration points. Knowledge of secure coding practices and defensive programming. Experience with CI/CD pipeline security.