At ZoomInfo we encourage creativity, value innovation, demand teamwork, expect accountability and cherish results. If you are a take charge, take initiative, get stuff done individual we want to talk to you! We have high aspirations for the company and are looking for the right people to help fulfill the dream. We strive to continually improve every aspect of the company and use cutting edge technologies and processes to delight our customers and rapidly increase revenues.

We are looking for a successful Infrastructure and Cloud Penetration Tester at ZoomInfo who possess a deep understanding of both information security and computer science. You should understand basic concepts such as cloud networking, identity and access management, console, applications, functions, other functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealth-focused operations. A typical job could be breaking into a backend/management application hosted in the cloud, lateral movement within the cloud environment, accessing sensitive information or compromising the environment, all without being detected.

If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in cloud infrastructure, parse various types of output data, present relevant data in a digestible manner, think well outside the box, or are astute enough to quickly learn these skills, then you’re the type of person we’re looking for.

You will be part of ZoomInfo’s global cyber security team and more specifically an elite offensive team reporting to the head of Offensive Security at ZoomInfo.

You are expected to quickly assimilate new information as you will face new environments on a recurring basis. You will be expected to understand the applicable threat vectors for each environment and assess them properly. You will get to work with some of the best red teamers in the industry, enabling you to develop new skills as you progress through your career. Are you up to the challenge?

Responsibilities

• Perform cloud and infrastructure penetration testing, remediation activities, and threat analysis assessments.
• Effectively communicate findings to relevant stakeholders.
• Recognize and safely utilize attacker tools, tactics, and hacking techniques.
• Develop scripts, tools, or methodologies to enhance ZoomInfo’s red teaming processes in scale.

Qualifications

Minimum Requirements

2-3 years experience in the following:

• GCP, AWS and Kubernetes
• Strong knowledge of IAM, VPCs, Storage containers, Databases, Functions, Logging, APIs, etc.
• Cloud penetration testing and manipulation of cloud network infrastructure
• Cloud architecture design
• Development and usage of Terraform, Kubernetes, Docker, Ansible, etc.

5-7 years experience in the following:

• Shell scripting or automation of simple tasks using Python or nodeJS
• Developing, extending, or modifying exploits or exploit tools
• Function code review for control flow and security flaws
• Strong knowledge of tools used for cloud and network security testing
• Thorough understanding of network protocols, data on the wire, and covert channels
• Deep knowledge of Linux/Mac/Windows operating systems, including Bash and/or PowerShell
• Infrastructure penetration testing while most of the time focused on assessing cloud environments, both public or private ones.

Desirable Qualifications

• Ability to successfully interface with key internal stakeholders
• Ability to document and explain technical details in a concise, understandable manner
• Security Architecture experience
• Incident Response/Incident Remediation experience
• Knowledge of CI/CD products, such as Jenkins, Gitlab CI/CD, bitbucket CI/CD and GCP Cloud Build
• Knowledge of tools such as Terraform integrated with cloud-based CI/CD products
• OSWE/OSCP/CCSP/CISSP certification

The US base salary range for this position is between $110,000.00 - $152,000.00 + bonus + equity + benefits.

Actual compensation offered will be based on factors such as the candidate’s work location, qualifications, skills, experience and/or training. Your recruiter can share more information about the specific salary range for your desired work location during the hiring process. We want our employees and their families to thrive. In addition to comprehensive benefits we offer holistic mind, body and lifestyle programs designed for overall well-being. Learn more about ZoomInfo benefits here.

About us:

For over a decade, ZoomInfo has helped companies achieve their most important objective: profitable growth. Backed by the world's most comprehensive B2B database, our platform puts sales and marketing professionals in position to identify, connect, and engage with qualified prospects.

Our mission is to provide every company with a 360-degree view of their ideal customer, empowering each phase of their go-to-market strategy and driving their ability to hit their number.