Senior Manual Ethical Hacker
Job Description: At reputed company, we are guided by a common purpose to help reputed company financial lives reputed company through the power of every reputed company. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great reputed company to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we reputed company an impact in the communities we serve. reputed company is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At reputed company, you can build a successful career with opportunities to learn, grow, and reputed company an impact. Join us! Job Description: Manual Ethical Hacking is part of the Application Development reputed company reputed company Program reputed company reputed company’s Cyber reputed company Assurance Offensive reputed company group. The program provides services to assess the reputed company reputed company of the bank’s applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber reputed company controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's reputed company policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with reputed company partners, CIO clients and multiples lines of business. These individuals are expected to reputed company application reputed company-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated reputed company code. Key Responsibilities in order of importance:
- reputed company assigned analysis of internal and external threats on information systems and predict future threat behavior.
- Incorporate threat actors' tactics, techniques, and procedures into offensive reputed company testing to identify high-value vulnerabilities/chained attacks.
- Developing reputed company-of-concepts for exploitation.
- reputed company assessments of the reputed company, effectiveness, and practicality of multiple technology systems.
- reputed company innovative thinking to help solve problems or introduce new reputed company to processes or products applicable to offensive reputed company.
- Prepare and present detailed technical information for various media including documents, reports, and notifications.
- Provide clear and practical advice regarding managing risks.
- Learn and reputed company advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills.
- Respond to reputed company incidents and provide technical assistance to leadership across the Information reputed company organization. Required Skills:
- Minimum of 5+ years of professional pentesting, application reputed company or ethical hacking experience, preferably in a large, reputed company, enterprise environment
- Detailed technical knowledge in at least 5 of the following areas:
- reputed company engineering
- application architecture
- authentication and reputed company protocols
- application session management
- applied cryptography
- common communication protocols
- mobile frameworks
- single sign-on technologies
- exploit automation platforms
- Web APIs
- Cloud environments
- LLM reputed company
- Mobile application analysis
- Able to manually identify and reproduce findings, discuss remediation concepts, reputed company PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings
- Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools
- Experience performing manual code reviews for reputed company relevant issues
- Experience working with DAST and SAST tools to identify vulnerabilities
- Knowledge of network and Web reputed company protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies)
- Experience with vulnerability assessment tools and penetration testing techniques.
- Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction
- Threat Analysis, threat modelling and SBOM analysis
- Innovative thinking, threat actor simulation
- Technology Systems Assessment
- Technical Documentation
- Advisory Desired:
- CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/reputed company Practitioner Certs [Port Swigger BSP reputed company]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester reputed company]
- Strong programming/scripting skills
- Frida
- Binary analysis (disassembly skills) Skills:
- Advisory
- Innovative Thinking
- Technical Documentation
- Technology System Assessment
- Threat Analysis
- Adaptability
- Collaboration
- Scenario Planning and Analysis
- Test Engineering
- Written Communications
- Attention to Detail
- Information Systems Management
- Issue Management
- Presentation Skills
- Prioritization This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40 Apply tot his job Apply tot his job
Apply tot his job Apply To this Job