Offensive Security Engineer, Penetration Testing and Intake Management

The Information Security Protect organization at Procter & Gamble is seeking an Offensive Security Engineer for a hybrid role that combines intake coordination and penetration testing. You will lead and execute penetration tests, coordinate intake and scheduling, manage the testing queue, and plan and deliver end-to-end assessments. You will collaborate with stakeholders to ensure efficient execution, simulate realistic attacker behaviors within the scope of penetration testing, identify security gaps, and drive measurable improvements in security controls, detection, and response across the enterprise.

Responsibilities:

• Consult, design, and execute adversary simulation scenarios.

• Perform manual penetration tests of websites, services, infrastructure, networks, IoT Devices, and mobile applications to discover and exploit vulnerabilities.

• Work with cross functional teams to develop remediation suggestions based on scenario outcomes.

• Report observations using a standardized reporting structure.

• Bypass preventative and detective security controls to accomplish scenario goals.

• Conduct research into real-world threat actor tactics, techniques, and procedures to develop proof of concept tools.

• Investigate findings from our Vulnerability Disclosure Program.

• Partner with Cyber Defense Protect, Detect and Respond teams to operationalize new Cyber Security concepts and processes.

• Manage relationships of customers and key stakeholders.

• Supporting reporting and template creation process.

• Coordinate and oversee the end-to-end preparation and scheduling of penetration testing assessments, including managing the testing queue and ensuring timely execution of all testing activities.

• Identify areas for team process improvement.

Job Qualifications

Qualifications (Required):

• BA or BS degree in Information Security, Cyber Security, Computer Science, or related field (OR 2+ years of relevant experience required in lieu of a degree).

• 2+ years of experience performing security testing.

• Ability to automate tasks by writing basic scripts/programs in at least 1 language (Python, PowerShell, C#, Assembly languages, etc.).

• Basic level command-line experience with Linux-based operating systems.

• Experience in exploiting weaknesses in 2 or more of the following domains: enterprise applications, web applications, mobile applications, databases, infrastructure, IoT devices, network and cloud infrastructure, server, mainframe, and directory services.

• Ability to read and understand programming languages.

• Basic hands-on experience with at least one of the major cloud providers (GCP, AWS, Azure).

• Basic familiarity with multiple operating systems, minimally Windows and Linux.

• An adversarial mindset - you must be able to put yourself in the mind of the attacker. 

• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.

• Ability to provide customer-facing support in a professional manner.

Qualifications (Preferred Skills):

• One or more penetration testing certifications (OSCP, OSWE, GPEN, GXPN, GWAPT, etc.).

• Publicly released tools or modules.

• Experience in CTF competitions or Bug Bounty programs.

• Experience in mobile (iOS/Android) application development/assessment.

• Experience in Internet of Things (IoT) security and exploitation.

We offer

• P&G-sized projects and access to world leading IT partners and technologies from Day 1.

• Wide range of self-development possibilities (training and certifications paths).

• Competitive starting salary and benefits program (private health care, P&G stock, saving plans, sport cards).

• Regular salary increases and possible promotions - in line with your results and performance.

• Opportunity to change role every few years to be in the best place for you and best for P&G.

At Procter & Gamble we embrace a hybrid work model that combines the flexibility of remote work with the collaborative benefits of in-office engagement. Employees can enjoy the option to work from home two days a week while also spending time in the office to foster teamwork and enhance communication.

Watch this video to learn more about our full recruiting process: https://www.youtube.com/watch?v=0bicvbpy0gI

Kindly be advised that at P&G, employment is exclusively extended on the basis of an "Umowa o Pracę" (Full-time Employment Contract). Apply only if you agree to these conditions.

About us

We produce globally recognized brands and we grow the best business leaders in the industry. With a portfolio of trusted brands as diverse as ours, it is paramount our leaders can lead with courage the vast array of brands, categories and functions. We serve consumers around the world with one of the strongest portfolios of trusted, quality, leadership brands, including Always®, Ariel®, Gillette®, Head & Shoulders®, Herbal Essences®, Oral-B®, Pampers®, Pantene®, Tampax® and more. Our community includes operations in approximately 70 countries worldwide.

Visit http://www.pg.com to know more.

We are an equal opportunity employer and value diversity at our company. We do not discriminate against individuals on the basis of race, color, gender, age, national origin, religion, sexual orientation, gender identity or expression, marital status, citizenship, disability, HIV/AIDS status, or any other legally protected factor.