About your role:
As a Cyber Application Security Senior Penetration Tester, you will play a critical role in ensuring the security of our applications through comprehensive penetration testing. Your specialized expertise will be vital in identifying and exploiting vulnerabilities across web applications, APIs, mobile platforms, and thick clients. You will collaborate with a dedicated team focused on innovative security practices, contributing directly to our mission of providing secure financial solutions while safeguarding our clients' data and maintaining the integrity of our financial services.
What you'll do:
Perform thorough penetration testing across various application types, including web applications, APIs, mobile applications, and thick clients, to identify and exploit vulnerabilities effectively.
Develop and implement advanced penetration testing strategies and frameworks tailored to different application architectures.
Lead assessments to uncover security weaknesses, conducting both manual and automated testing methodologies.
Provide expert guidance on remediation strategies and best practices to mitigate identified vulnerabilities.
Monitor application security incidents, respond promptly to security assessments, and ensure swift resolution of security-related issues.
Analyze security incidents through rigorous root cause investigations and implement proactive measures to enhance overall application security.
Stay informed about the latest trends, tools, and techniques in application security and penetration testing, applying this knowledge to strengthen security postures and practices.
Mentor and support team members, fostering a strong culture of security awareness throughout the organization.
Experience you'll need to have:
6+ years of experience in cybersecurity, with a strong emphasis on penetration testing across web applications, APIs, mobile applications, and thick clients.
Demonstrated proficiency in utilizing and integrating advanced security tools and methodologies.
In-depth knowledge of web application vulnerabilities and testing approaches, including threat modeling and security assessment techniques.
6+ years of an equivalent combination of educational background, related experience, and/or military experience.
Experience that would be great to have:
Experience within the financial services industry, focusing on secure application development and compliance requirements.
Familiarity with leveraging LLMs to learn advanced penetration testing techniques and enhance automation capabilities in security assessments. Apply innovative methods to automate vulnerability detection and remediation testing.
Relevant certifications such as OSCP (Offensive Security Certified Professional), GWAPT (GIAC Web Application Penetration Tester), CPENT (Certified Penetration Tester), or equivalent qualifications.
R-10371064
