girl looking into her desktop
Back to search results

Ethical Hacking Analyst

Addison, Texas;

Job Description:

The Ethical Hacking Analyst will join a dynamic team of world class security experts to conduct application security/penetration tests of our internal/external web, mobile and web service applications, leveraging both manual techniques as well as automated tools in order to uncover and report security vulnerabilities that exist.

You will be knowledgeable with business risks associated to common security vulnerabilities and to be able to effectively communicate security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security vulnerabilities.

The ability to work independently in a very large scale, enterprise setting is a great skill to possess. Previous experience as an application security professional with a large Financial Institution a plus.

Required Skills:

  • BS/MS in Computer Science (or equivalent work experience)
  • Persistent sense of technical curiosity how applications work and a demonstrated ability to think through process bypasses
  • Experience conducting vulnerability assessments, secure code reviews and penetration testing against web application technologies
  • Knowledge of web and network related protocols/technologies
  • Ability to demonstrate manual web application testing experience
  • Desire to learn and an aptitude for executing critical thinking in a variety of situations
  • Excellent organizational skills
  • Ability to communicate efficiently and simplify complex IT scenarios

Desired Skills:

  • Ability to work independently in a large scale enterprise environment
  • Professional experience working in an application security role within a large financial institution
  • Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Acunetix, NTO Spider, Burpsuite Pro, etc.)
  • Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, etc.)
  • Experience in the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; single sign-on technologies; exploit automation platforms
  • One or more of the following certifications: CISSP, GWAPT, GPEN, CEH, OSCP

Enterprise Role Overview:

Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The Ethical Hacking Analyst will join a dynamic team of world class security experts to conduct application security/penetration tests of our internal/external web, mobile and web service applications, leveraging both manual techniques as well as automated tools in order to uncover and report security vulnerabilities that exist.

You will be knowledgeable with business risks associated to common security vulnerabilities and to be able to effectively communicate security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security vulnerabilities.

The ability to work independently in a very large scale, enterprise setting is a great skill to possess. Previous experience as an application security professional with a large Financial Institution a plus.

Required Skills:

  • BS/MS in Computer Science (or equivalent work experience)
  • Persistent sense of technical curiosity how applications work and a demonstrated ability to think through process bypasses
  • Experience conducting vulnerability assessments, secure code reviews and penetration testing against web application technologies
  • Knowledge of web and network related protocols/technologies
  • Ability to demonstrate manual web application testing experience
  • Desire to learn and an aptitude for executing critical thinking in a variety of situations
  • Excellent organizational skills
  • Ability to communicate efficiently and simplify complex IT scenarios

Desired Skills:

  • Ability to work independently in a large scale enterprise environment
  • Professional experience working in an application security role within a large financial institution
  • Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Acunetix, NTO Spider, Burpsuite Pro, etc.)
  • Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, etc.)
  • Experience in the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; single sign-on technologies; exploit automation platforms
  • One or more of the following certifications: CISSP, GWAPT, GPEN, CEH, OSCP

Enterprise Role Overview:

Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-22082972

Band: H5

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Michael Geddie

Referral Bonus:

0

Colorado pay and benefits information

Colorado pay range:

$86,500 - $139,900 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Jersey City pay and benefits information

Jersey City pay range:

$86,500 - $139,900 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.