Penetration Testing Ii

**Position Type**:
Full time
**Type Of Hire**:
Experienced (relevant combo of work and education)
**Education Desired**:
Bachelor of Computer Engineering
**Travel Percentage**:
0%
**What you will be doing**
- Exploits information security vulnerabilities and security misconfigurations to achieve the highest level of security access possible.
- Records high level details of the penetration testing process from note taking during procedure to consolidated deliverable reporting.
- Assesses and calculates risk based on vulnerabilities and exposure discovered during testing.
- Performs validation testing of security vulnerabilities that have been remediated and provide evidence for correction and closure.
- Develops and maintains penetration testing procedures and methodologies for departmental use.
- Collaborates with cybersecurity teams to maintain the company’s information security policies and procedures.
- Researches and experiments with new threat vectors and develops Proof of Concept code and attacks.
- Develops new tools to achieve exploitation that reveals security weaknesses.
- Debriefs technical and non-technical audiences on the threat assessment reports that outline penetration test findings.
- Other related duties assigned as needed.

**What you bring**:

- Strong understanding of various web technologies and testing methodologies
- Demonstrates and ability to methodically analyze problems, identify solutions, and communicate to a non-technical audience
- Excellent communication skills including the ability to render concise reports, summaries, and formal presentations
- Must have experience and be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)
- Sound knowledge of OWASP Top 10 and other security standards
- Demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds.
- Expertise in at least one related functional area: Network Security, Reverse Engineering, Programming, Databases, Mainframes, Web Applications, etc.
- Must have one or more of the following:
Applications/System development experience

Linux and Windows in-depth proficiency

Familiarity with XML, SOAP, and AJAX

Proficient with programming/scripting languages

**What we offer you**
- A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities
- A broad range of professional education and personal development possibilities - FIS is your final career step
- A competitive salary and benefits
- A variety of career development tools, resources and opportunities

EDUCATION REQUIREMENTS
Bachelor’s degree in Computer Science, Cyber Security, or the equivalent, and/or 5 years’ experience in the information security industry. One or more relevant professional certifications such as (OSCP) Offensive Security Certified Professional, (GPEN) GIAC Penetration Tester, (OSWE) Offensive Security Web Expert, (GWAPT) GIAC Web Application Penetration Tester.

FIS JOB LEVEL DESCRIPTION
Career level professional individual contributor role. Experienced, fully qualified professional with a full understanding of their area of expertise. Works independently on penetration testing engagements. Contributes to program enhancements and team cross training initiatives. Mentors junior members of the team. Requires 3 years of experience in Penetration Testing.

**Privacy Statement**

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

**Sourcing Model**

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

pridepass