Senior Offensive Security Engineer - Pentester
Bank of America · Denver, CO · 1 wk ago
Information TechnologyFull-time
About the role
The Cyber Security Assurance Division at Bank of America is seeking a Senior Full Stack Pentester to join a team of world-class offensive security professionals. This role involves hunting for high-risk vulnerabilities across the bank’s global technology environment.
Responsibilities
- Diligently hunt for high-risk vulnerabilities across the bank’s global technology environment.
- Identify exploitable vulnerabilities in critical systems that can bring about a “nightmare scenario.”
- Lead and participate in collaborative, technical assessments using a wide range of penetration testing techniques.
- Adapt testing methods to evolving and emerging threats.
- Lead and perform assessments of the bank's technologies, applications, and cyber security controls.
- Partner closely with security partners, CIO clients, and multiple lines of business.
- Coordinate with senior leadership on development projects.
- Mentor junior engineers and assist with monitoring and response functions.
Requirements
- Minimum of 5+ years of professional offensive security experience.
- Proficient with common penetration testing tools (Burp Suite, Metasploit, nmap, etc.).
- A solid understanding of voice and data networks, major operating systems, active directory, and a strong desire to learn new technologies and skill sets.
- Knowledge of tactics, techniques, and procedures associated with malicious activity, industry classifications and frameworks, and the ability to chain vulnerabilities in advanced exploitation.
- Proficiency in report delivery and technical documentation of vulnerabilities.
- Proficient in coding in a programming or scripting language (Python, Java, C#, etc.).
Desirable Skills
- Certifications: OSCP, GPEN, GXPN, OSED, OSEP, OSWE, OSCE, GWAPT.
- Experience with hardware hacking, embedded systems analysis, and IoT hacking.