Lead Cybersecurity Penetration Tester
2 weeks ago
Position Overview:
The primary objective of the penetration testing division is to safeguard Fidelity's resources and our clients' financial security from potential threats posed by malicious entities.
This team achieves its goals by proactively detecting weaknesses in our systems and acting as experts to assist business units in effectively addressing these vulnerabilities through collaboration and innovation.
Our Vision
- To be recognized as a premier penetration testing team, with fully engaged and dedicated members.
- Delivering high-quality outcomes in a consistent, efficient, and customer-focused manner.
- Offering a competitive edge to the organization and distinguishing ourselves in the industry.
- Serving as a benchmark for others within the enterprise and the broader sector.
- Promoting advancements and research in the field of cybersecurity.
Fidelity boasts a vast and varied array of products, presenting an engaging role that allows the team to tackle diverse aspects of the business.
Required Expertise
- Bachelor's degree or equivalent experience
- 5+ years of experience in IT
- Preferred: 3+ years of hands-on experience in web application penetration testing or ethical hacking
- Preferred certifications: OSCP, GWAPT, GXPN, GPEN, LPT, CEH, CISSP, or other recognized security certifications.
Your Role's Purpose
- Oversee testing initiatives on Fidelity's web and mobile applications and associated systems.
- Simulate the actual methods and tools utilized by malicious attackers to assess potential external threats.
- After assessments, prepare reports and present findings to application owners, developers, and information security teams within business units.
- Analyze test outcomes, draw conclusions, and create targeted exploit examples.
- Collaborate with operations and software development teams to ensure identified weaknesses are addressed.
- Contribute to the research or development of tools to enhance the vulnerability discovery process.
- Work alongside other teams within Enterprise Cybersecurity to bolster the overall security of Fidelity's applications and infrastructure.
- Stay updated on security best practices and emerging vulnerabilities.
Skills You Bring
- Proven manual testing experience, including familiarity with all OWASP Top 10 vulnerabilities.
- Intermediate understanding of application security mechanisms, including authentication, authorization techniques, data validation, and encryption practices.
- Technical knowledge to identify various types of application security vulnerabilities.
- Experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, BackTrack, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider.
- Intermediate proficiency in programming or scripting languages such as C, C#, Python, Objective C, Java, or JavaScript.
- Intermediate knowledge of Web Services technologies including XML, JSON, SOAP, REST, and AJAX.
- Familiarity with web frameworks, including XML, SOAP, J2EE, JSON, and Ajax.
- Experience with Enterprise Java or .NET web application frameworks, including Struts and Spring.
- Strong analytical and problem-solving abilities, with a desire to assist others in resolving issues.
- Excellent interpersonal skills and a keen interest in the application security domain.
- Strong communication and presentation skills, with a proven ability to convey threats and facilitate progress towards long-term solutions.
- Highly motivated, taking ownership of responsibilities, and capable of working independently or as part of a team.
The Value You Provide
Fidelity plays a crucial role in delivering essential financial services to a diverse range of clients. In many cases, we are entrusted with managing our clients' financial futures and savings, a responsibility we take very seriously. Safeguarding our clients and their data is of utmost importance, and this role is vital in protecting the livelihoods of our clients globally while preventing real-world cyber threats.
Impact on the Organization
The Penetration Testing team is part of the Security Assessment group within Enterprise Cybersecurity (ECS). The objective of the Security Assessment group is to proactively identify and remediate vulnerabilities in Fidelity's applications and infrastructure. We collaborate closely with key business units to ensure they maintain security while advancing critical projects.
Company Overview
Fidelity Investments is a privately held organization dedicated to enhancing the financial well-being of our clients. We assist individuals in investing and planning for their futures, support companies and non-profit organizations in providing benefits to their employees, and offer institutions and independent advisors investment and technology solutions to manage their clients' funds.
At Fidelity, we value honesty, integrity, and the safety of our associates and clients within a heavily regulated industry. Certain roles may require candidates to undergo a preliminary credit check during the screening process. Candidates who receive an offer will need to complete a background investigation, which may include a review of criminal history, civil litigations, regulatory compliance, employment history, education, and credit history (role dependent). These investigations may cover a period of 7 years or more, depending on the role. Where permitted by federal or state law, Fidelity may also conduct a pre-employment drug screening.
Fidelity is an equal opportunity employer, committed to fostering a diverse workforce through a culture of inclusion and belonging.
Fidelity will provide reasonable accommodations for applicants with disabilities who require adjustments to participate in the application or interview process.
-
Lead Cybersecurity Penetration Tester
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Overview:The primary objective of the penetration testing team is to protect the assets and interests of both Fidelity and its clients from potential threats posed by malicious entities.This is accomplished by proactively identifying weaknesses within systems and serving as specialists to assist business units in mitigating these risks through a...
-
Lead Cybersecurity Penetration Tester
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timePosition Overview:The primary objective of the penetration testing unit is to safeguard Fidelity's resources and our clients' financial security from potential threats posed by malicious entities. This team achieves its goals by proactively discovering weaknesses in our systems and acting as specialists to assist business units in addressing these...
-
Lead Cybersecurity Penetration Tester
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timePosition Overview:The primary objective of the penetration testing division is to safeguard Fidelity's resources and our clients' financial security from the risks posed by malicious entities. This team achieves its mission by proactively uncovering weaknesses in our systems and acting as authorities to assist business units in addressing these...
-
Cybersecurity Risk Management Specialist
8 hours ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeAbout the RoleFidelity TalentSource LLC is seeking a highly skilled Cybersecurity Risk Management Specialist to join our team. As a key member of our Enterprise Cybersecurity division, you will play a critical role in helping us manage firm-wide cybersecurity risk.Key ResponsibilitiesPartner with internal teams to identify and mitigate cybersecurity...
-
Information Security Analyst
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeCybersecurity Analyst (Internal Threat Operations)Fidelity TalentSource is dedicated to connecting talented individuals with opportunities at Fidelity Investments. We are currently seeking a Cybersecurity Analyst to join our team.Position OverviewThe Enterprise Cybersecurity division provides comprehensive technology and support across all sectors of...
-
Information Security Analyst
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeCybersecurity Analyst (Internal Threat Operations)Fidelity TalentSource is dedicated to connecting you with your next temporary opportunity within Fidelity Investments. We are currently seeking a Cybersecurity Analyst to support our operations.Position OverviewThe Enterprise Cybersecurity division offers comprehensive technology and support services to all...
-
Senior Technology Risk Management Specialist
6 days ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Description:The External Audit Center of Excellence within Fidelity's Enterprise Technology Risk and Analytics (ETRA) group is seeking a highly skilled and experienced professional to oversee technology areas of external audit engagements. As a Senior Technology Risk Management Specialist, you will be responsible for enhancing and running the external...
-
Senior Director of Application Security
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Overview:Fidelity TalentSource LLC is in search of a seasoned Application Architect to be part of the Enterprise Cybersecurity division. This position is pivotal in crafting innovative application security solutions tailored for cloud and hybrid environments, encompassing both static and dynamic application security measures, along with red team...
-
Senior Director of Security Architecture
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Overview:Fidelity TalentSource LLC is in search of a seasoned Application Architect to become a vital part of the Enterprise Cybersecurity division. This position emphasizes the development of cutting-edge solutions in application security tailored for both cloud and hybrid environments, while also addressing static and dynamic application security...
-
Senior Director of Security Architecture
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Overview:Fidelity TalentSource LLC is in search of a seasoned Application Architect to become a vital part of the Enterprise Cybersecurity division. This position is centered on crafting innovative strategies in application security tailored for both cloud and hybrid environments, with a focus on static and dynamic application security as well as red...
-
Senior Technology Risk Management Specialist
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Overview:Position SummaryThe Technology Risk division at Fidelity Brokerage, part of the Enterprise Technology Risk & Analytics (ETRA) team, is in search of a dedicated and skilled individual to enhance our operations. As a leader in the Fidelity Brokerage Technology Risk Management sector, your primary focus will be on overseeing significant risks,...
-
Senior Systems Engineer
2 days ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeAbout the RoleFidelity TalentSource LLC is seeking a highly skilled Senior Systems Engineer to join our Global Security and Technology team. As a key member of our team, you will be responsible for designing, implementing, and maintaining our physical security systems, including electronic card access, IP Video, intrusion detection, intercoms, electronic...
-
Head of Application Security Architecture
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Overview:Fidelity TalentSource LLC is in search of a seasoned Application Architect to become a vital part of the Enterprise Cybersecurity organization (ECS). This position emphasizes the delivery of pioneering solutions in application security tailored for cloud and hybrid environments, encompassing both static and dynamic application security...
-
Senior Director of Application Security
2 weeks ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Overview:Fidelity TalentSource LLC is in search of a seasoned Application Architect to become a vital part of the Enterprise Cybersecurity organization (ECS). This position emphasizes the development of pioneering solutions in application security tailored for cloud and hybrid environments, encompassing both static and dynamic application security, as...
-
Senior Technology Risk Management Specialist
1 week ago
Merrimack, New Hampshire, United States Fidelity TalentSource LLC Full timeJob Description:The RoleThe Technology Risk team for Fidelity Brokerage (FB) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. As a key member of the team, you will focus on the oversight of key risks, threats, controls, and other critical technology risk management...
-
Senior Cybersecurity Penetration Tester
1 month ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:The mission of the penetration testing team is to protect Fidelity's assets and our customers livelihoods from the threat of exploitation by malicious adversaries.\u00A0\u00A0The penetration testing team does this by proactively identifying vulnerabilities in our systems and serving as subject matter experts to enable the business units to...
-
Senior Cybersecurity Penetration Tester
2 weeks ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:The mission of the penetration testing team is to protect Fidelity's assets and our customers livelihoods from the threat of exploitation by malicious adversaries.\u00A0\u00A0The penetration testing team does this by proactively identifying vulnerabilities in our systems and serving as subject matter experts to enable the business units to...
-
Director, Architecture
4 months ago
Merrimack, United States Fidelity Investments Full timeJob Description : Fidelity Investments is looking for an experienced application architect to join the Enterprise Cybersecurity organization (ECS), focusing on delivering innovative solutions in application security for cloud and hybrid deployment, and support static and dynamic application security, and red team assessment! The Team & Role ...
-
Director, Architecture
2 weeks ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Fidelity Investments is looking for an experienced application architect to join the Enterprise Cybersecurity organization (ECS), focusing on delivering innovative solutions in application security for cloud and hybrid deployment, and support static and dynamic application security, and red team assessment!\u00A0The Team & RoleThe ECS...
-
Director, Architecture
4 months ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Fidelity Investments is looking for an experienced application architect to join the Enterprise Cybersecurity organization (ECS), focusing on delivering innovative solutions in application security for cloud and hybrid deployment, and support static and dynamic application security, and red team assessment!\u00A0The Team & RoleThe ECS...
-
Director, Architecture
17 minutes ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Fidelity Investments is looking for an experienced application architect to join the Enterprise Cybersecurity organization (ECS), focusing on delivering innovative solutions in application security for cloud and hybrid deployment, and support static and dynamic application security, and red team assessment!\u00A0The Team & RoleThe ECS...
-
Director, PAM Architecture
1 month ago
Merrimack, United States Fidelity Investments Full timeJob Description:Director, PAM ArchitectureThe RoleThe Enterprise Cybersecurity Architecture Privileged Access Management Team is seeking a Director, PAM Architecture to join our team. As an individual contributing Architect in PAM, you will:Drive adoption of enterprise standards (reference architectures) and best practices, and promote changes in process,...
-
Director, PAM Architecture
2 weeks ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Director, PAM ArchitectureThe RoleThe Enterprise Cybersecurity Architecture Privileged Access Management Team is seeking a Director, PAM Architecture to join our team. As an individual contributing Architect in PAM, you will:Drive adoption of enterprise standards (reference architectures) and best practices, and promote changes in process,...
-
Director, PAM Architecture
4 weeks ago
Merrimack, United States Fidelity Investments Full timeJob Description:Director, PAM ArchitectureThe RoleThe Enterprise Cybersecurity Architecture Privileged Access Management Team is seeking a Director, PAM Architecture to join our team. As an individual contributing Architect in PAM, you will:Drive adoption of enterprise standards (reference architectures) and best practices, and promote changes in process,...
-
Director, PAM Architecture
2 months ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Director, PAM ArchitectureThe RoleThe Enterprise Cybersecurity Architecture Privileged Access Management Team is seeking a Director, PAM Architecture to join our team. As an individual contributing Architect in PAM, you will:Drive adoption of enterprise standards (reference architectures) and best practices, and promote changes in process,...
-
Director, PAM Architecture
16 minutes ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Director, PAM ArchitectureThe RoleThe Enterprise Cybersecurity Architecture Privileged Access Management Team is seeking a Director, PAM Architecture to join our team. As an individual contributing Architect in PAM, you will:Drive adoption of enterprise standards (reference architectures) and best practices, and promote changes in process,...
-
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:The RoleThe External Audit Center of Excellence within Fidelity s Enterprise Technology Risk and Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to help us oversee the technology areas of external audit engagements. You will enhance and run the external audit oversight program activities focused on key...
-
ETRA Principal Technology Risk Analyst, External Audit
17 minutes ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:The RoleThe External Audit Center of Excellence within Fidelity s Enterprise Technology Risk and Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to help us oversee the technology areas of external audit engagements. You will enhance and run the external audit oversight program activities focused on key...
-
Director, Cloud/DevOps Center of Excellence
6 days ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Enterprise Technology Risk (ETRA) is seeking a passionate, driven and experienced professional to lead our Cloud/DevOps Center of Excellence. You will manage ETRA’s relationship with CAPE and will work closely with the various ETRA BU tech risk teams with the cloud and DevOps aspects of proactive risk and control assessments, monitoring...
-
Director, Cloud/DevOps Center of Excellence
17 minutes ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:Enterprise Technology Risk (ETRA) is seeking a passionate, driven and experienced professional to lead our Cloud/DevOps Center of Excellence. You will manage ETRA’s relationship with CAPE and will work closely with the various ETRA BU tech risk teams with the cloud and DevOps aspects of proactive risk and control assessments, monitoring...
-
Principal technology risk analyst
4 weeks ago
Merrimack, United States Fidelity Investments Full timeJob Description The Role The Technology Risk team for Fidelity Brokerage (FB) within the Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team! Leading the Fidelity Brokerage Technology Risk Management team, you will focus on the oversight of key risks, threats, controls, and other...
-
ETRA Principal Technology Risk Analyst
1 month ago
Merrimack, United States Fidelity Investments Full timeJob Description:The RoleThe Technology Risk team for Fidelity Brokerage (FB) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team! Leading the Fidelity Brokerage Technology Risk Management team, you will focus on the oversight of key risks, threats, controls, and other...
-
Manager, Cyber Security
1 week ago
Merrimack, United States CAMP Systems International, Inc. Full timeCAMP Systems is the leading provider of aircraft compliance and health management services to the global business aviation industry. CAMP is the pre-eminent brand in its industry and is the exclusive recommended service provider for nearly all business aircraft manufacturers in the world. Our services are delivered through a “SaaS plus” model and we...
-
Cyber Security Manager
1 week ago
Merrimack, United States CAMP Systems International, Inc. Full timeCAMP Systems is the leading provider of aircraft compliance and health management services to the global business aviation industry. CAMP is the pre-eminent brand in its industry and is the exclusive recommended service provider for nearly all business aircraft manufacturers in the world. Our services are delivered through a “SaaS plus” model and we...
-
ETRA Principal Technology Risk Analyst
4 weeks ago
Merrimack, United States Fidelity TalentSource LLC Full timeJob Description:The RoleThe Technology Risk team for Fidelity Brokerage (FB) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team!\u00A0 Leading the Fidelity Brokerage Technology Risk Management team, you will focus on the oversight of key risks, threats, controls, and other...