Energy Vault is the creator of sustainable energy storage solutions designed to accelerate the transition to a carbon free, resilient power grid and transform the world’s approach to utility-scale energy storage. Energy Vault works to combat climate change by enabling clean and reliable electricity through innovative gravity and kinetic based energy storage technologies. Energy Vault combines innovative design, advanced materials science, and proprietary machine-vision software to orchestrate the storage and dispatch of electrical power by lifting and lowering composite bricks, made from eco-friendly materials. Energy Vault’s commitment to sustainability is reflected in a unique approach to the circular economy which utilizes local industrial and energy waste, including remediated coal ash and recycled wind blades converted to recyclable materials, to build the system’s composite bricks. Energy Vault innovates to enable the global shift to a world powered by renewable resources.
About Energy Vault
Energy Vault develops and deploys sustainable energy storage solutions designed to transform the world's approach to utility-scale energy storage in realizing decarbonization while maintaining grid resiliency. The company's proprietary gravity-based energy storage technology, battery storage technology, and energy storage management and integration platform are intended to help utilities, independent power producers and large industrial energy users significantly reduce their levelized cost of energy while maintaining power reliability. Utilizing eco-friendly materials with the ability to integrate waste materials for beneficial re-use, Energy Vault is facilitating the shift to a circular economy while accelerating the clean energy transition for its customers. For additional information, please visit:
www.energyvault.com.
Position Title: Penetration Tester / Ethical Hacker (Mid or Senior)
Reports To: Lead Cybersecurity Engineer
Location: Tysons Corner, VA, Westlake Village, CA or REMOTE (USA)
About the role
As a Senior Penetration tester, you will help to assess the security of the systems, both informational and operational, within the organization. You will use industry-standard ethical hacking tools to conduct initial reconnaissance, scan for vulnerabilities, formulate a plan of attack, and attempt to exploit the systems and infrastructure. You will need creativity and imagination to gain access to and control of the systems, ultimately working to develop recommendations and implement solutions to fortify the organization’s systems. As the company’s internal red team, you will think outside the box in a cat-and-mouse game with the “good guys” to break web applications, business logic systems, servers, and everything else.
At Energy Vault we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants. We believe inclusion creates opportunity for collaborative excellence through diversity of thought. We invite individuals of all genders, races, identities, ethnicities, sexual orientations, national origins, abilities, protected veteran status, religions, educational and socioeconomic backgrounds to explore employment with our organization.
What you will do
Use industry-standard tools (Kali Linux, Metasploit Framework, Nessus/Tenable, etc.) to conduct network penetration testing (edge routers, switches, firewalls, etc.), web and mobile application testing, ad wireless network assessmentsDevelop comprehensive threat analysis reports and presentations for both technical and non-technical audiences of varying levels of familiarityFormulate remediation strategies for both theoretical and practical discovered vulnerabilities, discussing plans with internal stakeholders Safely utilize non-destructive ethical hacking tools, tactics, and proceduresDevelop plans and scripts to facilitate an automated and persistent threat scanning architectureConduct social engineering assessmentsShape a culture of collaboration, innovation, constant improvement, excellence, transparency, open mindedness, humility, integrity, efficiency, joy, compassion, and fulfillmentWhat a qualified candidate should possess
Experience with industry-standard ethical hacking tools for scanning, exploitation, packet capture, and brute-force attempts (Kali Linux, Metasploit Framework, Nmap / Zenmap, Wireshark, John the Ripper, Burp, Nessus/Tenable, OWASP ZAP)Scripting ability (Python, Bash, Ruby, etc.) for automation and assessment purposesExperience in mixed-mode architectures employing heterogenous (IT/OT) devices and systems, such as DoD/IC equipment systems, industrial control systems, or equivalentExperience with functional and integration testing, understanding the interplay between functional requirements and security requirementsExperience with both zero-knowledge hacking practices (TryHackMe, Hack the Box, etc.) and knowledge-based hacking practices (Nessus/Tenable, etc.)Knowledge of network architecture and hardware (switches, hardware, and software firewalls, etc.)Knowledge of multiple operating systems and their relative security practicesFamiliarity with common cryptographic methods and protocolsFamiliarity with Agile methods and practices for issue tracking (Jira)Familiarity with basic cloud architecture and platforms (AWS, GCP, etc.)Bachelor’s or Associate’s degree in computer science, information technology, cybersecurity, or a related fieldComfort in fast-paced, rapid growth environmentsExperience in public companies is a plusA passion for sustainability is critical to our purpose, mission, and vision!