Customer Success Engineer
Our job is to enable enterprise organizations to effectively communicate their vulnerability management program’s health, and speed up their remediation efforts. We help organizations minimize their IT risk so that they can focus on what they love doing–building amazing solutions and keeping their customers happy.
As a Customer Success Engineer, you help maintain the success of our NopSec customers by leveraging your expertise to help implement a complex product while ensuring high-rates of customer satisfaction, and offering roadmap advice to Product Management.
- Train and onboard new customers.
- Perform Vulnerability Management scanning.
- Meet virtually with customers regularly for proactive troubleshooting.
- Prioritize support case escalations.
- Handle customer complaints.
- Work with Product Managers, UX, developers, and other stakeholders.
Round off your job description by explaining the qualifications—in terms of education, experience, and skills—required for the role. Break these out into two categories: minimum qualifications and preferred qualifications.
- Bachelor’s degree in computer-related field, or equivalent practical experience.
- Experience working in customer-facing technical roles.
- Experience writing Python code.
- Experience working with user research and customer feedback.
- Experience collaborating closely with product, engineering, and UX teams.
Senior Penetration Tester
- Conducts research & penetration testing on external facing resources as well as internal assets to determine risks
- Oversee vulnerability research and exploit development activities.
- Execute simulated attacks within virtual and production environments
- Conduct research on penetration testing automation
- Focal point for threat intelligence gathering and counter-surveillance activities
- Stays on top of the “vulnerability landscape” and prepare counter-measures
- Develop scripts, tools, or methodologies to uncover active risks in advance of the public.
- Attack simulation and analysis
- Recognize and safely utilize attacker tools, tactics, and procedures
- Author comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate & reproduce findings to stakeholders at all levels across the organization
- Provide subject matter enterprise to stakeholders to reproduce findings/reverse engineer exploits/attacks
- Provide detection guidance to other team members in a timely manner
- Train other team members in penetration testing methodologies
- Actively participate in Red Team engagements including Social Engineering and Internal network lateral movement.
Desired Skills and Experience
- Experience in:
- Web, mobile and/or service-based application vulnerability assessments
- Network penetration testing of enterprise network infrastructure
- Developing applications in Python and / or C/C++
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Source code review for control flow and security flaws
- Proficient in one or more operating systems (Unix/Linux/Mac/Windows)
- Strong knowledge of network protocols, data on the wire, and covert channels
- Knowledge of web application exploitation methodologies Familiar with fundamentals of software exploitation on multiple operating systems
- Ability to independently research new vulnerabilities in software products
- Admirable communication skills (verbal and written) are required
- Excellent written skills, articulating highly technical topics to a wide range of audiences
- Vulnerability exploitation, payload creation and exploit development
- Proficient with Bash, Python, and has a basic understanding of
programming in Windows environments
- In depth knowledge of the OWASP top 10 in terms of risk and
- In depth familiarity with the Metasploit framework, and post
exploitation methods to migrate laterally within organizations.
- Capable of taking the lead role on application, network, wireless, mobile,
and social engineering engagements including kick off meetings, testing,
- Familiarity with Kali Linux, and the operation of the tools it is
packaged with (Ettercap, Nmap, John the Ripper, Fierce, ike-scan,
Mimikatz, Responder, Metasploit, SMBMap, etc.)
- Bachelor’s degree in a technical field or equivalent experience
- Master’s Degree in Cyber Security, Computer Science, or Technology related fields a plus but not required
- Preferred certifications:
- OSCP (Offensive Security Certified Professional),
- OSCE (Offensive Security Certified Expert)
- GWAPT (GIAC Web Application Penetration Tester)
- GPEN (GIAC Penetration Tester)
- GXPN (GIAC Exploit Researcher and Advanced Penetration)
Nopsec Inc. is looking for a mid-level/senior frontend or fullstack engineer with strong FE experience to join our team, and build the UVRM platform that enables security professionals excel on their vulnerability management practice. The candidate’s primary responsibilities include:
- Build new product features on top of existing React + Redux architecture
- Work closely with our UI/UX mastermind to design and implement front end features
- Own the front end architecture
- Learn the good concepts from current architecture and improve on parts that can be done better
- Take new ideas/initiatives/features introduced into React ecosystem into the project
- Work closely with our internal security experts to secure the application
- Learn, have some fun working with a group of dedicated engineers, and do some good.
Besides these primary responsibilities, we are flexible whether the candidate wants to focus 100% on front end or open to learn some Python 3 and work as a fullstack engineer.
- 2+ years of professional React.js experience
- Experience dealing with enterprise data would be a good plus
- Want to work with people with integrity
- Must be a team player
- Willing to dive into problems without clear solutions, and solve it (and feel good solving it)
- Willing and eager to learn
- Willing to work for a startup and know you have to wear multiple hats at times to help the team win
- Curious about cybersecurity (prior knowledge is absolutely not required)
- Not afraid of white hat
- Not a hater for our tech stack:
- Python 3 and Django
- Postgresql, Elasticsearch