Senior Security Engineer - Penetration Testing

Careers at Bloomberg

Back to Search

New York, NY

Posted Nov 17, 2022 - Requisition No. 105919

Our Team:

We protect Bloomberg.

The Product Security team is dedicated to making our products and technologies as secure as possible. We report into the CISO, but work closely with engineering teams, product teams, and others across the organization to integrate security into the product lifecycle from design through deployment. Our colleagues depend on us to be application, network, and host security pros. We specialize in defining security requirements, performing application security assessments, and providing developers with remediation advice. On any given day we're performing security reviews on internal and third party applications, while evaluating processes, network design, and access controls.

What's The Role:

You’ll be trusted to conduct security assessments from start to finish with minimal assistance. Depending on the project you may perform white, black, or gray box assessments and may develop proof of concept code to demonstrate the severity of findings. You'll tap into your "security instincts" to find vulnerabilities and break down complicated technical issues and the risks they pose to programmers, network engineers, system administrators, and management. You will collaborate with those teams to ensure correct design, development, and implementation of internal and customer facing projects. While deep technical skills are critical to success with us, we're also looking for fast learners who are passionate about security and are constantly researching to stay ahead of the newest threats. You should be analytical and love to problem solve. Teamwork is key so it's important that you know how to collaborate and be a great teammate.

You'll Need To Have:

  • 3+ years of experience working in a similar role
  • Experience leading and performing static and dynamic analysis on customer facing applications, websites, and large enterprise networks
  • A consistent record of discovering, analyzing, and exploiting application vulnerabilities and misconfigurations on Windows and Linux platforms
  • The ability to work with stakeholders throughout the vulnerability lifecycle to communicate issues and provide remediation guidance
  • Proficiency in reading, writing, and auditing C, C++ and Python, as well as the ability to pick up new languages/technologies
  • Proficiency in at least one scripting language such as Python
  • Experience developing custom tools when necessary
  • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
  • Knowledge of secure network design and system architecture

We'd Love To See:

  • Proficiency in using IDA Pro, Ollydbg/Immdbg, Windbg, Burp proxy, and other software analysis/debugging tools
  • Prior work as a consultant at a highly technical information security consultancy
  • Publicly disclosed vulnerabilities (CVEs) and open-source tools

What’s It Like To Work Here?

We work hard. We are ambitious and set ourselves tough business goals. We are a meritocracy, where everyone has a voice - not a job title. Working with people you trust, respect, and can collaborate with is more important than titles or positions. Things move fast, and we want people who will enjoy working in this environment and feed off the energy. That being said, it isn’t all about work. Giving back is one of our core values, and there are many ways to get involved in philanthropic initiatives, from helping local school kids with their reading, to helping clean up local parks and waterways.

If This Sounds Like You:

Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free to have a look at this: https://www.bloomberg.com/company/

Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.

Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email amer_recruit@bloomberg.net.


Salary Range: 140,000 - 210,000 USD Annually + Benefits + Bonus

The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.

We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation [Exempt roles only], paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.

Similar jobs

    The Bloomberg Talent Network

    Stay connected with us and be among the first to learn about new job opportunities. We’ll use the information you provide to help us get in touch with you to align your expertise with our opportunities and better direct our conversations.

    CONNECT WITH US