Contact Company
Withdraw
Apply
Report
Cyber Security Specialist/Manager (AVP)
Banking/Financial company
Banking/Financial company
Jacksonville, FL
W-2 onlyPermanent Position881 views
Jacksonville, FL
Permanent Position
Your Recruiter
Luda Melanich
Senior Technical Recruiter

As a Red Team member, you will work collaboratively within a global team to identify risks and vulnerabilities. You’ll be an integral part of the Bank’s defense team, emulating threat actor tactics, techniques, and behaviors and ensuring that the Bank can detect and deter them. You will support the decision-making processes by providing clear analyses to senior management on threats and mitigations.

Key Responsibilities:

  • As the primary lead for penetration testing control, you will act as the single point of contact (SPOC) to test and coordinate test findings with applicable technology, information security, and business groups; assist with governance and oversight of penetration testing program
  • Apply target operating model for asset penetration testing and assessment in all Bank environments
  • Perform or coordinate remediation testing of security vulnerabilities that have been fixed and provide evidence of the results
  • Help define management reporting requirements and metrics including risk appetite metrics and key risk indicators
  • Maintain ongoing proficiency in network and application exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, network security, and encryption
  • Manage budget, vendors, traffic, testing program, onboarding tools, governance and regulatory

Skills and Experience:

  • Experience running a variety of penetration testing tools, performing manual testing, validating test results, identifying the root cause, analyzing vulnerabilities, and helping develop platform-specific remediation plans
  • 5+ years of experience in penetration testing at the AVP level
  • Management experience: 3+ years at the AVP level
  • Familiarity with the concepts of defensive programming, open web application security project (OWASP) top 10, and sysadmin, audit, network, and security (SANS) top 25 vulnerabilities
  • Experience in bug bounty and vulnerability disclosure programs
  • Extensive experience in information security and penetration testing
  • One or more of the following security certifications preferred: Offensive Security Certified Professional (OSCP); Offensive Security Web Expert (OSWE); GIAC Penetration Tester (GPEN); GIAC Web Application Penetration Tester (GWAPT) eLearnSecurity Certified Penetration Tester eXtreme (eCPTX); eLearnSecurity Web application Penetration Tester (eWPT); Certified Information Systems Security Professional (CISSP)
Skills
Skill Proficiency Years Experience Percent Used
Cyber Security
3 - 6100%
Penetration Testing
3 - 6100%
Project Management
3 - 6100%
Applications Security
Any75%
CISSP
Any75%
Information Security
Any75%
OWASP
Any75%
Network Security
Any50%
Root Cause Analysis
Any50%
Auditing
Any25%
Testing Tools
Any25%