Current jobs related to Lead Web Application Penetration Tester - Wilmington, Delaware - M&T Bank
-
Wilmington, Delaware, United States JPMorgan Chase Full time:Duties: Lead the technical implementation of enhancements in accordance with customer and business stakeholder priorities. Write detailed requirements and coordinate with engineering teams and stakeholders. Partner closely with product managers and engineering leads to define delivery timelines and create and prioritize product backlog. Act as a liaison...
-
Test Automation Manager
1 day ago
Wilmington, Delaware, United States hackajob Full timehackajob*is collaborating withJ.P. Morganto connect them with exceptional tech professionals for this role.*Job Description**Organization DescriptionJoin our Consumer & Community Banking division at JPMorgan Chase & Co., where we offer a wide range of financial services, including personal banking, credit cards, and investment advice. As a leader in credit...
-
Senior Lead Software Engineer
1 day ago
Wilmington, Delaware, United States JPMorganChase Full timeJob DescriptionWe're looking for a tech leader ready to take their career to new heights. Join the ranks of top talent at one of the world's most influential companies.As a Senior Lead Software Engineer at JPMorgan Chase within the Consumer and Community Banking Machine Learning Intelligence Operations, you are an integral part of an agile team that works to...
-
Mainframe Lead Software Engineer
7 days ago
Wilmington, Delaware, United States JPMorgan Chase Full timeWe have an opportunity to impact your career and provide an adventure where you can push the limits of what's possible.As a Lead Software Engineer at JPMorganChase within the Consumer & Community Banking Card Technology team, you are an integral part of an agile team that works to enhance, build, and deliver trusted market-leading technology products in a...
-
Application Engineer
4 days ago
Wilmington, Delaware, United States Allied Universal Full time $100,000 - $115,000OverviewCompany Overview: Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology — video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician,...
-
Sr. Lead Software Engineer
2 weeks ago
Wilmington, Delaware, United States hackajob Full timehackajob*is collaborating withJ.P. Morgan*to connect them with exceptional tech professionals for this role.Be an integral part of an agile team that's constantly pushing the envelope to enhance, build, and deliver top-notch technology products.As a Senior Lead Software Engineer at JPMorganChase within the Consumer and Community Banking Card Technology team,...
-
Sr. Lead Software Engineer
2 weeks ago
Wilmington, Delaware, United States JPMorganChase Full timeJob DescriptionBe an integral part of an agile team that's constantly pushing the envelope to enhance, build, and deliver top-notch technology products.As a Senior Lead Software Engineer at JPMorganChase within the Consumer and Community Banking Card Technology team, you are an integral part of an agile team that works to enhance, build, and deliver trusted...
-
Lead Software Engineer, Front End
1 day ago
Wilmington, Delaware, United States Capital One Full timeDo you love building and pioneering in the technology space? Do you enjoy solving complex business problems in a fast-paced, collaborative, inclusive, and iterative delivery environment? At Capital One, you'll be part of a big group of makers, breakers, doers and disruptors, who solve real problems and meet real customer needs. We are seeking Front End...
-
Lead Architect, Card Solutions
1 week ago
Wilmington, Delaware, United States JPMorgan Chase & Co. Full timeIf you are excited about shaping the future of technology and driving significant business impact in financial services, we are looking for people just like you. Join our team and help us develop game-changing, high-quality solutions.As a Lead Architect at JPMorgan Chase within the Consumer Card Technology group, you are an integral part of a team dedicated...
-
Senior AI Applications Engineer
2 days ago
Wilmington, Delaware, United States The Chemours Company Full timeAs we create a colorful, capable and cleaner world through chemistry, we invite you to join our team to harness the power of chemistry to shape markets, redefine industries and improve lives for billions of people around the world.Creating Essential Chemistry That The World NeedsAt Chemours, our people are redefining how the world thinks of chemistry by...
Lead Web Application Penetration Tester
2 weeks ago
This role offers a hybrid work schedule at our Buffalo, NY Tech Hub.
Overview:Searches for application and system weaknesses that are exploitable, and partners with technology, cybersecurity, and risk teams to remediate any found weaknesses. Partners with technology leaders to train engineering and infrastructure teams to develop new applications and systems securely to ensure weaknesses are removed prior to implementation or software deployment.
Primary Responsibilities:- Complete penetration testing or red team/adversarial exploitation exercises of web applications, Application Programming Interfaces (APIs), hardware, and mobile.
- Perform reconnaissance, social engineering, initial access, and post-exploitation activities across internal and external environments.
- Develop and deploy custom payloads, exploits, and tools for use during engagements, including client-side, server-side, and lateral movement scenarios.
- Contribute to purple team exercises by sharing red team findings and collaborating with detection engineering and incident response teams to improve defensive capabilities.
- Document detailed findings, attack paths, and security gaps with clear recommendations for mitigation and risk reduction.
- Stay current on emerging TTPs, CVEs, and adversary tradecraft, especially in the context of web and cloud exploitation techniques.
- Define testing methods to meet the scope and goals of assigned penetration tests.
- Understand breach and attack simulation solutions and work with the team to validate controls effectiveness.
- Effectively educate and train Cybersecurity teams on new tactics, techniques, and procedures to ensure technology applications and services are not at risk of compromise or will leak information.
- Collaborate across Cybersecurity and Technology teams to leverage intelligence sources, identify new threats, improve tool usage and workflow, and mature monitoring and response capabilities.
- Identify areas of opportunities in daily tasks to advance penetration testing skills and regularly learn new tactics, techniques, procedures to assess risk and implement and validate controls as necessary.
- Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
- Engages in regular interaction with senior management and associated staff within Internal Audit, Compliance, Risk Management, and Technology.
- Exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
- Intermediate working knowledge of penetration testing and red team tools.
- Advanced knowledge of networking and network protocols.
- Intermediate working knowledge of operating systems and scripting and/or coding.
- The position provides guidance and mentoring to less experienced team members.
- Bachelor's degree and a minimum of 5 years' relevant work experience, or in lieu of a degree, a combined minimum of 9 years' higher education and/or work experience.
- Prior experience penetration testing and red team tools to be able to simulate attacker tactics, techniques, and procedures.
- Advanced knowledge of networking and network protocols
- Intermediate working knowledge of operating systems and scripting and/or coding
- Bachelor's degree in an applicable discipline such as Computer Science, Cybersecurity, or Information Technology
- Extensive understanding of information security concepts (both technical and organizational requirements)
- Highly ethical and expected to maintain a level of professionalism at all times
- Intermediate working knowledge in social engineering, application security (web and mobile), physical methods, lateral movement, threat analysis, internal and external network architecture, and a wide array of commercial and bring-your-own (BYO) products.
- Excellent ability to strategically learn new technical skills, and apply broadly across systems, tools, and processes
- Experience training penetration tester to ensure they have intermediate knowledge of penetration testing and red team concepts, tools, and ability to simulate attacker tactics, techniques, and procedures
- Strong ability to analyze and draw reliable conclusions based on large volumes of quantitative data from diverse sources
- Penetration testing-specific or Cybersecurity domain-related industry-recognized certification
