Senior Adaptive Threat Replication Engineer - Web/Mobile
Company: Disability Solutions
Location: Chicago
Posted on: September 21, 2023
|
|
Job Description:
Job Description:The Cyber Security Assurance Division is looking
for a Senior Ethical Hacker, specializing in application and mobile
security assessments. The individual will join a team of
world-class offensive security professionals diligently hunting for
vulnerabilities across the bank's global technology environment.
This is a senior technical role that requires a deep understanding
of web application technology and a solid understanding of threats
and threat TTPs. In addition to performing application assessments,
as a senior member of the team you will coordinate with senior
leadership on development projects, share your knowledge and
experience by mentoring junior engineers, and assist the monitoring
and response functions. Required Skills:--- Must be able to
critically examine an organization and application through the
perspective of a threat actor and articulate risk in clear, precise
terms to technical and non-technical audience.--- Must be
proficient with the common tools associated with red teaming,
penetration testing, and vulnerability assessments (Metasploit,
Burp Suite, Cobalt Strike, Kali, etc.).--- Must be very proficient
with web application vulnerability scanning tools (e.g. Invicti
DAST Scanner, SoapUI, Burp Suite Pro, Checkmarx etc.).---
Experience conducting manual and automated vulnerability
assessments, code reviews and penetration tests against web/mobile
application technologies, services, platforms and languages to
identify flaws and exploits (e.g., SQL Injection, Cross-Site
Scripting, Cross-Site Request Forgery, Clickjacking,
Authentication/Authorization, Privilege Escalation, Business Logic
Bypass, OWASP Top 10, SANS Top 25 etc.).--- Experience pentesting
mobile platforms such as iOS and Android, mobile device
simulators.--- Solid programming/debugging skills with proficiency
in one or more of the following: Java, JavaScript, HTML, XML, PHP,
ASP.NET, AJAX, JSON, Objective-C, and SOAP/REST web APIs.Desirable
Skills: --- Certifications: OSCP, GPEN, GXPN, OSCE, GWAPT, GMOB---
Previous experience working in the financial industry,--- Typically
has 5-10 years of experience in technology and offensive security
assessmentsAre you passionate about cyber security and looking to
work with some of the best information security professionals in
the world and in challenging environments? Bank of America is
hiring top talent to join our team. You bring your talent and
passion and we'll provide you with an opportunity to shine and
grow.Enterprise Role Overview - Leads the analysis, implementation,
execution and improvement of proactive security controls to prevent
external threat actors from infiltrating company information or
systems. Conducts research and provides leadership updates
regarding advanced attempts/efforts to compromise security
protocols. Maintains or reviews security systems and assesses
security policies that control access to systems. Provides status
updates and recommendations to the leadership team regarding the
impact of theft, destruction, alteration or denial of access to
information. Follows standard practices and procedures in analyzing
situations or data. Typically has 5-10 years of relevant experience
and will act as an individual contributor.Shift:1st shift (United
States of America)Hours Per Week: 40
Keywords: Disability Solutions, Chicago , Senior Adaptive Threat Replication Engineer - Web/Mobile, IT / Software / Systems , Chicago, Illinois
Click
here to apply!
|