Sr. Penetration Tester (Peoria, IL or Remote)

We’re not like other insurance companies. From our specialty products to our business model, our culture to our results — we’re different. Different is who we are, and how we work, interact, deliver and succeed together. Creating a different and better insurance experience doesn’t just happen. It takes focus and a shared passion for going beyond the expected to forge relationships and deliver care that makes a difference. This approach rises from and is supported by our talented, ethical and smart team of employee owners united around a single purpose: to work alongside our customers and partners when they need us, in unexpected ways, with exceptional results. Apply today to make a difference with us. 

RLI is a Glassdoor Best Places to Work company with a strong, successful background. For decades, our financial track record has been stellar — a testament to our culture and validation of our reputation as an excellent underwriting company.

Under general management, the Sr. Penetration Tester role will be responsible for conducting application and infrastructure penetration tests to help strengthen the security of applications and network assets. The position must collaborate with others on the security team and development teams for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.  

• Provide testing expertise on application, web and network technologies as a subject matter expert.

• Perform advanced penetration tests on web applications, network infrastructure, and cloud environments.

• Responsible for documenting on test initiatives and reporting on remediation recommendations and validation.

• Provide support to business units launching new applications and services to verify that new products/offerings are not at risk of compromise or information leakage.

• Collaborate with Development teams to incorporate a vulnerability management program and implement security best practices into software development lifecycle (SDLC).

• Support threat and incident response as necessary.

• Perform other projects and duties as needed.

• Typically requires a Bachelor’s degree in computer science, computer information systems, management information systems or a related field

• 4+ years of relevant experience (penetration testing applications and networks preferred)

• [OR] equivalent level of education and experience    

• Offensive security certification preferred (OSCP, OSCE, OSWE, GMOB, GPEN or equivalent)

• Advanced use of a variety of tools to simulate attacker tactics, techniques and procedures (TTPs).

• Skilled with cloud environments such as Azure and AWS.

• Strong knowledge in program languages and scripting tools including Python and Shell for penetration testing.

• Proven knowledge of penetration testing methodologies, tools and frameworks such as Kali, Metasploit, Burp, Frida and others.

• Advanced understanding of methods to secure microservices and APIs.

• Competent in software development, system development and network administration.

• Ability to document and explain technical details to both technical and non-technical stakeholders.

• Ability to work independently as a self-starter and as part of a team.

The base salary range for the position is listed below. Please note that the base salary is only one component of our robust total rewards package at RLI. The salary offered will take into account a number of factors including, but not limited to, geographic location, experience, scope & responsibilities of the role, qualifications/credentials, talent availability & specialization, as well as business needs. The below range may be modified in the future.

Base Pay Range

At RLI, we're all owners. We hire the best and the brightest employees and allow them to share in the company's success through our Total Rewards. With the Employee Stock Ownership plan at its core, the Total Rewards program includes all compensation, benefits and perks that come with being an RLI employee.

Financial Incentives

• Annual bonus plans

• Employee stock ownership plan (ESOP)

• 401(k) — automatic 3% company contribution

• Annual 401k and ESOP profit-sharing contributions (Up to 15% of eligible earnings)

Work & Life

• Paid time off (PTO) and holidays

• Paid volunteer time off (VTO) to support our communities

• Parental and family care leave

• Flexible & hybrid work arrangements

• Fitness center discounts and free virtual fitness platform

• Employee assistance program

Health & Wellness

• Comprehensive medical, dental and vision benefits

• Flexible spending and health savings accounts

• 2x base salary for group life and AD&D insurance

• Voluntary life, critical illness, & accident insurance for purchase

• Short-term and long-term disability benefits

RLI encourages its employees to pursue professional development work in insurance and job-related areas. We make a commitment to employees to provide educational opportunities that help them enhance their skills and further their career advancement. RLI fosters a true learning culture and encourages professional growth through insurance courses, in-house training and other educational programs. RLI covers the cost for most programs and employees typically earn a bonus upon successful completion of approved courses and certifications. Our personal and professional growth benefits include:

• Training & certification opportunities

• Tuition reimbursement

• Education bonuses

Our goal is to attract, develop and retain the best employee talent from diverse backgrounds while promoting an environment where all viewpoints are valued and individuals feel respected, are treated fairly, and have an opportunity to excel in their chosen careers. We actively support, and participate in, initiatives led by the American Property Casualty Insurance Association that aim to increase diversity in the insurance industry. Cultivating an exceptional and diverse workforce to deliver excellent customer service reinforces our culture and is a key to achieving superior business results.

RLI is an equal opportunity employer and does not discriminate in hiring or employment on the basis of race, color, religion, national origin, citizenship, gender, marital status, sexual orientation, age, disability, veteran status, or any other characteristic protected by federal, state, or local law.