Senior Cybersecurity Penetration Tester
4 weeks ago
Job Description:
Senior Cybersecurity Penetration Tester
The Role
Fidelity's penetration testing team is dedicated to protecting the company's assets and customers' livelihoods from malicious adversaries. As a Senior Cybersecurity Penetration Tester, you will play a crucial role in identifying vulnerabilities in our systems and collaborating with business units to mitigate them.
- Lead testing efforts on Fidelity's web and mobile applications and supporting systems.
- Replicate the techniques and tools used by malicious attackers to model potential external threats.
- Prepare reports and present results to application owners, developers, and business unit information security teams.
- Analyze test results, draw conclusions, and develop targeted exploit examples.
- Consult with operations and software development teams to ensure potential weaknesses are addressed.
- Contribute to the research and development of tools to assist in vulnerability discovery.
- Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of Fidelity's applications and infrastructure.
- Stay current on security best practices and vulnerabilities.
The Expertise and Skills You Bring
- Bachelor's degree or equivalent experience.
- 5+ years of IT experience.
- Preferred 3+ years of hands-on web application penetration testing/ethical hacking experience.
- Preferred: OSCP, GWAPT, GXPN, GPEN, LPT, CEH, CISSP, or other industry security certifications.
- Ability to demonstrate manual testing experience, including all of OWASP Top 10.
- Intermediate knowledge of application security mechanisms, such as authentication and authorization techniques, data validation, and encryption.
- Technical knowledge of various application security vulnerabilities.
- Demonstrated experience with common penetration testing and vulnerability assessment tools.
- Intermediate knowledge of a programming or scripting language, such as C, C#, Python, Objective C, Java, JavaScript, or SQL.
- Intermediate knowledge of Web Services technologies, including XML, JSON, SOAP, REST, and AJAX.
- Intermediate knowledge of web frameworks, including XML, SOAP, J2EE, JSON, and Ajax.
- Experience with Enterprise Java or .NET web application frameworks, including Struts and Spring.
- Proven analytical and problem-solving skills, as well as a desire to assist others in solving issues.
- Excellent interpersonal skills, with a strong interest in the application security domain.
- Excellent communication and presentation skills, with a proven ability to communicate threats and facilitate progress towards long-term remediation.
- Highly motivated, with the willingness to take ownership/responsibility for their work and the ability to work alone or as part of a team.
The Team
The Penetration Testing team forms part of the Security Assessment group within Enterprise Cybersecurity (ECS). Our goal is to proactively identify and remediate vulnerabilities in Fidelity's applications and infrastructure. We work closely with all key Business Units to ensure they remain secure while delivering key projects to advance the firm.
Certifications:
Fidelity Investments is a privately held company with a mission to strengthen the financial well-being of our clients. We help people invest and plan for their future. We assist companies and non-profit organizations in delivering benefits to their employees. And we provide institutions and independent advisors with investment and technology solutions to help invest their clients' money.
Company Overview
Fidelity Investments is an equal opportunity employer. We believe that the most effective way to attract, develop, and retain a diverse workforce is to build an enduring culture of inclusion and belonging.
Join Us
At Fidelity, you'll find endless opportunities to build a meaningful career that positively impacts people's lives, including yours. You can take advantage of flexible benefits that support you through every stage of your career, empowering you to thrive at work and at home. Honored with a Glassdoor Employees Choice Award, we have been recognized by our employees as a top 10 Best Place to Work in 2024. And you don't need a finance background to succeed at Fidelity—we offer a range of opportunities for learning so you can build the career you've always imagined.
Fidelity's Hybrid Working Model
We value honesty, integrity, and the safety of our associates and customers within a heavily regulated industry. Certain roles may require candidates to go through a preliminary credit check during the screening process. Candidates who are presented with a Fidelity offer will need to go through a background investigation, detailed in this document, and may be asked to provide additional documentation as requested. This investigation includes but is not limited to a criminal, civil litigations, and regulatory review, employment, education, and credit review (role dependent). These investigations will account for 7 years or more of history, depending on the role. Where permitted by federal or state law, Fidelity will also conduct a pre-employment drug screen, which will review for the following substances: Amphetamines, THC (marijuana), cocaine, opiates, phencyclidine.
We Invite You to Find Your Fidelity at
fidelitycareers.com
-
Senior Security Analyst
4 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeAbout the RoleThis is an exciting opportunity for a highly motivated Senior Security Analyst - IAM to deliver the next generation of customer authorization solutions supporting Fidelity business applications.This hybrid role requires associates to work onsite every other week at Fidelity's office. The ideal candidate brings expertise working with...
-
Senior Cybersecurity Penetration Tester
1 month ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Senior Cybersecurity Penetration TesterThe RoleThe mission of the penetration testing team is to protect Fidelity's assets and our customers livelihoods from the threat of exploitation by malicious adversaries.\u00A0The penetration testing team does this by proactively identifying vulnerabilities in our systems and serving as subject matter...
-
Senior Cybersecurity Penetration Tester
6 days ago
Merrimack, NH, United States Fidelity TalentSource LLC Full timeJob Description:Senior Cybersecurity Penetration TesterThe RoleThe mission of the penetration testing team is to protect Fidelity's assets and our customers livelihoods from the threat of exploitation by malicious adversaries.u00A0The penetration testing team does this by proactively identifying vulnerabilities in our systems and serving as subject matter...
-
Director, Architecture
1 month ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Director, Architecture Enterprise CybersecurityThe RoleFidelity Investments is looking for an experienced application architect to join the Enterprise Cybersecurity organization (ECS), focusing on delivering innovative solutions in application security for cloud and hybrid deployment, and support static and dynamic application security, and...
-
Director, Architecture
6 months ago
Merrimack, United States Fidelity Investments Full timeJob Description : Fidelity Investments is looking for an experienced application architect to join the Enterprise Cybersecurity organization (ECS), focusing on delivering innovative solutions in application security for cloud and hybrid deployment, and support static and dynamic application security, and red team assessment! The Team & Role ...
-
Sr Field Solutions Architect
3 weeks ago
Merrimack, United States Connection Full timeJob DescriptionJob DescriptionConnection Services has a fantastic opportunity for a Sr Field Solutions Architect, working remotely from NE or SE states. Excellent opportunity to work for a top VAR offering excellent benefits including 25% BONUS, 3 weeks paid PTO, tuition reimbursement, excellent benefits, etc.; opportunity for growth. *REMOTE*Working under...
-
Senior Tech Risk Analyst
1 week ago
Merrimack, United States Fidelity Investments Full timeJob Description:FFIO Senior Tech Risk AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. You will...
-
Senior Tech Risk Analyst
1 week ago
Merrimack, United States Fidelity Investments Full timeJob Description:FFIO Senior Tech Risk AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. You...
-
Senior Tech Risk Analyst
1 week ago
Merrimack, United States Fidelity Investments Full timeJob Description: FFIO Senior Tech Risk Analyst Do you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team....
-
Senior Tech Risk Analyst
1 week ago
Merrimack, United States Fidelity Investments Full timeJob Description:FFIO Senior Tech Risk AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. You...
-
Senior Tech Risk Analyst
1 week ago
Merrimack, United States Fidelity Investments Full timeJob Description:FFIO Senior Tech Risk AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. You...
-
Senior Tech Risk Analyst
1 month ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:FFIO Senior Tech Risk Analyst Do you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk\u00A0team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA)\u00A0group is seeking a passionate, driven, and experienced professional to join the...
-
Senior Tech Risk Analyst
1 week ago
Merrimack, United States Fidelity Investments Full timeJob Description:FFIO Senior Tech Risk AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. You...
-
Senior Tech Risk Analyst
7 days ago
Merrimack, United States Fidelity Investments Full timeJob Description:FFIO Senior Tech Risk AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. You...
-
Business Development Specialist
1 month ago
Merrimack, United States Connection Full timeWhat We Do: We calm the confusion of IT by guiding the connection between people and technology. If a customer is looking for a better way to manage their warehouse inventory, equip their workforce, or secure their data, we make it happen. All it takes is finding the right combination of tech hardware, software, cloud solutions, and support services....
-
Business Development Specialist
1 month ago
Merrimack, United States Connection Full timeWhat We Do: We calm the confusion of IT by guiding the connection between people and technology. If a customer is looking for a better way to manage their warehouse inventory, equip their workforce, or secure their data, we make it happen. All it takes is finding the right combination of tech hardware, software, cloud solutions, and support services....
-
Principal Technology Risk Analyst
1 month ago
Merrimack, United States Fidelity Investments Full timeJob Description:ETRA FFIO Technology Risk Principal AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the...
-
Principal Technology Risk Analyst
2 weeks ago
Merrimack, United States Fidelity Investments Full timeJob Description:Make sure to apply with all the requested information, as laid out in the job overview below. ETRA FFIO Technology Risk Principal Analyst Do you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk &...
-
Principal Technology Risk Analyst
2 months ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:ETRA FFIO Technology Risk Principal AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the...
-
Director, Cloud/DevOps Center of Excellence
2 months ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Enterprise Technology Risk (ETRA) is seeking a passionate, driven and experienced professional to lead our Cloud/DevOps Center of Excellence. You will manage ETRA’s relationship with CAPE and will work closely with the various ETRA BU tech risk teams with the cloud and DevOps aspects of proactive risk and control assessments, monitoring...
-
Principal Technology Risk Analyst
2 weeks ago
Merrimack, United States Fidelity Investments Full timeJob Description:Make sure to apply with all the requested information, as laid out in the job overview below. ETRA FFIO Technology Risk Principal Analyst Do you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk &...
