Listing Description
The Network Penetration Tester will be responsible for performing security testing on Fifth Third Bank's network infrastructure.
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
- Undergraduate degree or equivalent preferred, with 3-5 years of experience.
- Understand basic concepts such as networking and network protocols, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations.
- Strong understanding of Microsoft Windows, Linux and network vulnerabilities.
- Knowledge of established penetration frameworks such as the Penetration Testing Execution Standard (PTES) or Open Source Security Testing Methodology Manual (OSSTMM).
- Understand threat vectors to each environment and be able to properly assess them.
- Strong experience with penetration testing tools such as Burp Suite, Metasploit, Kali Linux toolset.
- Experience conducting network penetration tests, performing manual and automated pentesting, validating test results, identifying root causes, analyzing vulnerabilities, and helping develop platform-specific remediation plans.
- Ability to create custom Bash and/or Python scripts.
- Web application penetration testing experience is a plus.
- Strong communication and documentation skills. Must be able to communicate the business risks of vulnerabilities and how to remediate them.
- One or more of the following security certifications preferred: GPEN, OSCP, eCCPT, CREST or similar security certification(s).
**There is 20% travel at the most. It will be the first two weeks, then every 6 weeks after that**Support the Ethical Hacking program by performing authorized penetration testing on the Bank's network infrastructure from both an internal and external perspective.
Assist with scoping of penetration testing activities.
Document TTPs and findings related to network penetration testing.
Assist with the tracking and management of discovered vulnerabilities.
Perform retesting after vulnerability remediation.
Provide written penetration testing reports detailing the vulnerabilities discovered and the tools and steps needed to reproduce.
Evaluate and communicate the risk of discovered vulnerabilities based on the Bank's specific business environment.
Develop manual and automated repeatable security testing processes.
Stay current with the latest security testing trends, technologies, methodologies.
Continually improve proficiency in network exploitation, tools, techniques, and countermeasures.
Listing Details
- Salary: $110000 - $130000
- Citizenship: No Requirements
- Incentives: Not Provided
- Education: No Requirements
- Travel: Travel 25
- Telework: Full Telecommute