Principal Application Penetration Tester

More than 30 years ago, ETRADE pioneered the online brokerage industry by executing the first-ever electronic individual investor trade. While the landscape of our industry has changed dramatically, our culture of innovation and drive to make online trading accessible to everyone continues to drive us forward. We believe in challenging the status quo, fostering an environment of curiosity and learning, and, above all, putting our customers first.

RESPONSIBILITIES

The Application Penetration Tester will be responsible for both executing application penetration tests against E
TRADE applications and in ensuring ETRADE's application penetration testing tools and methodologies are continually evolving to combat the evolving threat landscape.

What you will be doing:

  • Plan and conduct Web, Web Services and Mobile Application Penetration Testing.
  • Select, design and create appropriate tools for testing.
  • Review findings and provide feedback to applications.
  • Perform risk assessments on identified applications.
  • Carry out, design and review application penetration tests.
  • Review and perform social engineering tests where appropriate.
  • Evaluate and select from a range of penetration testing tools.
  • Keep up to date with latest testing and ethical hacking methods.
  • Deploy the testing methodology and collect data.
  • Report on findings to a range of stakeholders.
  • Make suggestions for security improvements.
  • Enhance existing methodology material.
  • Lead small size teams, working projects to completion.


REQUIREMENTS

You'll Need To Have (REQUIRED)

What we're looking for...
  • Bachelor's degree with seven or more years of work experience.
  • Four or more years of relevant work experience in the following areas:
    • Web Application Penetration Tester
    • OWASP Top 10 Vulnerabilities
    • Enterprise level scanners such as HP WebInspect, AppSpider, IBM AppScan, BURP Suite Pro


Even Better If You Have (PREFERRED)
  • A degree in Computer Security, Computer Science or equivalent.
  • Certified Secure Software Lifecycle Professional (CSSLP).
  • Mobile security assessment is a huge plus
  • Solid technical skills in both information security architecture and penetration testing.
  • Solid understanding of network protocols.
  • Scripting and programming experience.
  • Knowledge of ethical hacking.
  • Ability to assess testing tools and deploy the right ones.
  • Ability to work independently but also as part of a team.
  • Flexibility to change direction and manage conflicting demands.
  • Solid project planning skills and the ability to handle multiple projects.
  • Excellent verbal and written communication skills.
  • Excellent organizational and data analytics skills.


We offer a competitive and comprehensive benefits package. Please visit https://www.etradecareers.com/why-work-at-etrade/employee-benefits/ to learn more about the opportunities.

E
TRADE Financial is an Equal Opportunity Employer who encourages diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, disability, citizenship, marital status, sexual orientation, gender identity, military or protected veteran status, or any other characteristic protected by applicable law.


Back to top