This position is no longer open for applications

Penetration Tester

Job Description:

Penetration Tester Summary:

Signature Consultants is seeking a Penetration Tester for an opportunity in Charlotte, NC. In this role, the initial function of the Penetration Tester will be to perform Dynamic Application Security Testing (DAST) retests to determine if remediation of previously identified vulnerabilities in applications was successful. Later, he or she will work with software development partners to identify and mitigate the security vulnerabilities in applications through Dynamic Application Security Testing (DAST) of applications. Communication with the business security team, information security consultants (ISCs), operation risk consultants (ORCs), enterprise security group, and development technology partners is critical in this role. You will also act as an application security SME for the development and security communities for the client.

Responsibilities:

  • Conduct dynamic application security testing using both manual and automated testing tools
  • Review test results from tools
  • Ensure that automated tests are completed successfully
  • Configure tools as required to be successful in evaluating applications
  • Identify and remove any false positives from automated testing tool reports
  • Triage & Disposition results and enforce a Bug Bar
  • Verify/validate defect fixes
  • Provide application security consulting SME Support to developers
  • Assist developers with understanding of security defects and risk
  • Assist in defining acceptable solution to fix defects
  • Communicate Security risk to ISCs and ORCs to document security issues and controls for security planning purposes
  • Help maintain Security Coding Standards and Bug Bar as required
  • Assist in the Development of standards as required
  • Provide training
  • Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities
  • Develop and review malicious use cases/threat models
  • Maintain a broad understanding of security technologies and products
  • Actively participate on improving the security culture and education throughout the organization

Requirements:

  • 7+ years of experience in security applications and systems
  • 5+ years of DAST (Dynamic Application Security Testing) experience
  • Minimum of 5 years of demonstrated experience with automated penetration tools
  • Minimum of 5 years of demonstrated experience with manual penetration testing tools
  • Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within a large organization

Desired Qualifications:

  • Advanced Information Security technical skills
  • Ability to manage complex issues and develop solutions
  • Excellent verbal and written communication skills
  • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
  • Knowledge and understanding of banking or financial services industry
  • Experience working in a large enterprise environment
  • Strong analytical skills with high attention to detail and accuracy
  • Knowledge and understanding of information security industry standards and government regulations
  • Ability to manage multiple and competing priorities
  • Ability to work with limited supervision
  • Ability to take on a high level of responsibility, initiative, and accountability
  • Good attention to detail and accuracy skills
  • Strong collaboration and partnering skills
  • Demonstrated experience developing and reviewing malicious use cases/threat models

About Signature Consultants, LLC

Headquartered in Fort Lauderdale, Florida, Signature Consultants was established in 1997 with a singular focus: to provide clients and consultants with superior staffing solutions. For the seventh consecutive year, Signature was voted as one of the “Best Staffing Firms to Work For” and is now the 14th largest IT staffing firm in the United States (source: Staffing Industry Analysts). With 26 locations throughout North America, Signature annually deploys thousands of consultants to support, run, and manage their clients’ technology needs. Signature offers IT staffing, consulting, managed solutions, and direct placement services. For more information on the company, please visit www.sigconsult.com.

Apply Now

To apply for this job, please complete the following 6 fields and we will immediately follow-up (* = required).

Choose File
.doc, .docx, .txt, .pdf, .html
Would you like to help us get to know you even better?

The intent of asking for the following information is to assist Signature in meeting its commitments to equal opportunity and affirmative action requirements. Completing and returning this section is purely VOLUNTARY on your part and will have absolutely no effect on the status of your employment application.

Signature Consultants is committed to providing reasonable accommodation to qualified individuals with physical and mental disabilities according to state and federal disability discrimination laws. If, because of a disability, you need assistance or a reasonable accommodation for any part of the employment process, please email hr@sigconsult.com or call 888-838-1020. Signature Consultants will partner with you in good faith to identify and implement a reasonable accommodation, if any, that is appropriate and consistent with its legal obligations.

Signature Consultants is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

EEO is the law: http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf