Penetration Tester III - IN ( Night Shift)

Job Profile Summary

Responsible for conducting vulnerability assessment scans, assisting with penetration testing, exposing security vulnerabilities and risks, and recommending solutions to mitigate such vulnerabilities. Contributes to building and delivering services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production. Tracks public and privately released vulnerabilities and assists in the corporate triage process including: identification, criticality evaluation, remediation planning, communications, and resolution. Conducts vulnerability assessment scans, exposing security vulnerabilities and risks and recommending solutions to mitigate such vulnerabilities.

Careel Level Summary

• Requires in-depth conceptual and practical knowledge in own job discipline and basic knowledge of related job disciplines
• Solves complex problems
• Works independently, receives minimal guidance
• May lead projects or project steps within a broader project or may have accountability for on going activities or objectives
• Acts as a resource for colleagues with less experience
• Level at which career may stabilize for many years or until retirement

Key Responsibilities

• Assists with mobile black box testing, source code analysis, manual pen testing, and vulnerability assessments.
• Prepares reports on vulnerability and penetration testing and works with business units to develop remediation plans.
• Keeps up with the changing nature of security threats.
• Schedules and executes vulnerability/ penetration testing
• Contributes to the corporate vulnerability triage process.
• Works closely with the Risk Management, ISOC and Intel teams
• Researches and investigates new and emerging vulnerabilities and participate in external security communities

Knowledge

• Intermediate knowledge of Single Sign-On (RSA SecureID), Federation, Kerberos, PKI, LDAP, SAML, OpenID, Oauth, and cross-realm concepts, Identity Synchronization and multi-factor authentication
• Intermediate knowledge of ethical hacking and penetration testing
• Intermediate understanding of security principles to include operating system and directory services hardening

Skills

• AI/Machine Learning
• Cloud Computing
• Cybersecurity
• DevOps Coding Skills
• Network/Systems Skills

Certifications

• OSCP - Mandatory
• Current CEH, GPEN, CISSP, and GCIA certifications preferred

Experience

• 5 - 7 years of experience in the field of role required