Penetration Tester

MailChimp is the world's leading email marketing service. More than 10 million people and businesses use MailChimp to design and send 1 billion emails a day. We empower small businesses with a suite of powerful and easy-to-use email, marketing automation, and analytics tools that integrate with hundreds of popular applications and services.

MailChimp is looking for a security savvy Penetration Tester to join our Operations Team. You'll use your natural curiosity and determination to seek out, exploit, and help destroy security vulnerabilities in our app. You are well-versed and up-to-date on security risks, vulnerabilities, trends, how to test for these risks.

• Collaborate with the Engineering and Operations team to review code and identify possible security risks
• Develop and execute a penetration testing plan for each new release
• Provide coding/technical recommendations and remedies
• Spend hours trying to break our app (aka - penetration testing)
• Review and validate vulnerabilities reported via responsible disclosure program

Requirements

• Familiarity with common web application penetration testing tools (Burp Suite, WebScarab, nmap, etc.) and vulnerability scanners
• Ability to manage and prioritize many tasks at a time
• Ability to work under minimal supervision
• Code proficiency using one or more of the following languages: PHP, Java, Python or SQL
• Excellent oral and written communication skills
• Knowledge of TCP/IP networking, and network services such as NDS, SMTP, DHCP, etc.

Bonus Points for

• Experience with integrations and mobile applications
• Experience with w3af and Wireshark