Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.
Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture.
Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers.
Primary Responsibilities
● Review automatically produced reports for internal and external network vulnerability and penetration testing assessments to identify errors, gaps, and potential (post-)exploitation vectors that require additional testing.
● Use custom and open-source tools to perform and report on exploitation and post-exploitation – attacks that were not covered by our automated network penetration testing platform.
● Report bugs, gaps, and suggestions for improvement relating to our automation platform and other custom tools to our automation team.
● Contribute to internal documentation of (post-)exploitation attacks that can be performed by our pentesters.
● Collaborate with our automation team by suggesting and documenting attacker vectors that aren’t yet covered by our automation platform.
● Contribute to custom tools for reporting and (post-)exploitation purposes.
● Write scripts (Ruby, Python, Bash) to automate manual testing routines and/or specific attacks (e.g. testing for and exploiting default credentials in common web apps).
● Recommend new procedures, policies and tools to streamline our pentest QA process and eliminate repetitive, manual tasks.
Qualifications
● At least 1 year of network security and penetration testing experience in a professional environment.
● An understanding of network security fundamentals and common attack vectors. This includes familiarity with standard communication protocols and the potential ways to exploit them (e.g. SMB, Kerberos, LDAP, FTP, Telnet, SSH, SMTP, RDP, NFS.)
● Network and web-related protocol knowledge (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
● Experience with common network penetration testing tools (e.g. Kali Linux, Metasploit, Burp Suite, Impacket, CME, Responder, Bloodhound, Mimikatz, Kerbrute).
● Active Directory penetration testing experience. Knowledge of PowerShell is a plus, but not required.
● Programming experience. Knowledge of Ruby is preferred, but experience with other languages, especially Python, is valuable too.
● Experience with Unix systems and shell scripting (e.g. sh, bash, zsh).
Join the Kaseya growth rocket ship and see how we are #ChangingLives !
Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.
