Ethical Hacker / Web Application PenTester

The Ethical Hacker / Web Application PenTester will be responsible for conducting application penetration tests and software security architecture reviews in the Banking domain. This role will focus on identifying risks throughout the secure software development lifecycle of a regional Bank, serving as a subject matter expert in web application, API, and cloud security., * Conduct application security penetration tests to identify vulnerabilities in software design and implementation.

• Assess emerging application security systems, standards, authentication protocols, and products to determine gaps, overlaps, or extensions.
• Provide guidance on application security architecture standards and design patterns for web, API, and cloud system integration.
• Collaborate with application technology SMEs to define security policies for building, supporting, and consuming application services.
• Promote a culture of secure software design and development through security awareness and best practices.
• Effectively communicate application security concepts across all levels of the organization.
• Review technical design documentation to ensure security-related items are included.
• Think critically, prioritize tasks, and solve problems independently or as part of a team.

• Cloud Security
• Banking Domain Knowledge
• Cloud Computing
• Web Applications
• System Integration
• Technical Drafting
• Web API
• Software Design
• API Authentication
• Design Patterns
• Documentation
• Software Development
• Software Security

Preferred Skills:

• Experience in the Banking industry
• Knowledge of ethical hacking techniques
• Experience with software security testing tools
• Ability to perform vulnerability assessments
• Understanding of OWASP Top 10 vulnerabilities