Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
ACI Worldwide

Cybersecurity Pentester

ACI Worldwide

Cybersecurity Pentester performing penetration testing and vulnerability assessments for ACI, protecting software and information security. Collaborating with teams to identify and remediate vulnerabilities in systems.

Posted 5/12/2026full-timeNew York • 🇺🇸 United StatesJuniorWebsite

Tech Stack

Tools & technologies
LinuxPerlPythonRubyShell ScriptingSQLUnix

About the role

Key responsibilities & impact
  • Protects the confidentiality and availability of software, systems and information owned, controlled, used and managed by the company.
  • Responsible for performing penetration testing and vulnerability assessments within a team environment.
  • Conducts formal tests on web-based and traditional applications, networks/infrastructure, mobile, source code reviews, threat analysis, wireless network assessments and other technology.
  • Performs the daily operation of the team including vulnerability identification, risk assessments, vulnerability remediation, and validation testing.
  • Will provide actionable recommendations and guidance for the business based on the assessment findings.
  • Performs internal penetration testing and external red teaming of networks, systems, and applications within agreed scope and rules of engagement.
  • Runs Web application vulnerability software to detect security issues in web applications.
  • Analyzes output of web application test scans to determine valid security issues.
  • Conducts regular meetings with business unit stakeholders to assess remediation efforts from the findings of the pentest.
  • Gathers security related information across multiple electronic, computer and development environments. Identifies, summarizes, reviews, and reports potential/actual actions that may jeopardize information security environments.
  • Participates in information security audits to proactively minimize and eliminate information security vulnerabilities.
  • Uses penetration testing methodologies to validate the remediation of vulnerabilities and misconfiguration issues.
  • Reviews Application Code reports on vulnerabilities.
  • Performs extensive internal network reconnaissance with the correlation of data from SIEM, scanning applications, network monitoring devices, host applications, etc.
  • Performs Web application testing focused on http/https vulnerabilities, TLS, application level like XSS, SQL, cross site scripting.
  • Perform other duties as assigned.
  • Understand and adhere to all corporate policies to include but not limited to the ACI Code of Business Conduct and Ethics.
  • Understands and complies with Risk Management program requirements including identification of risks, key controls, and control testing as applicable to their responsibilities.

Requirements

What you’ll need
  • Bachelor's degree in computer science, MIS, or related field or equivalent experience.
  • 1-3 years’ experience in information security in various security disciplines.
  • Certifications: OSCP, CRTO, CRTP, OSEP, GXPN, or similar certifications are a plus.
  • Solid understanding of OWASP and other software security best practices.
  • Strong technical ability in both manual and automated approaches to penetration testing.
  • Knowledge of threat modeling methodologies.
  • Knowledge of social engineering techniques and methodologies.
  • Detailed knowledge and experience with exploiting vulnerabilities in a corporate (enterprise) environment.
  • Experience with assessment tools, such as scanners, administrative utilities, local proxies, debuggers, fuzzers, etc.
  • Excellent problem solving, planning and interpersonal skills.
  • Ability to interpret internal and external business challenges and recommend best practices.
  • Skilled experience with major operating systems, such as Windows, UNIX, Linux OS including administration and security.
  • Intermediate experience with multiple penetration tools, such as: Burp, OWASP ZAP, NMAP, OpenVAS, OpenSSL, Cobalt Strike, SQLmap, Pupy, Mimikatz, Metasploit, etc.
  • Intermediate experience with programming languages, shell scripting to automate tasks, such as C++, Perl, and Python or Ruby.
  • Knowledge of attack method types and their usage in targeted attacks, such as malware, vulnerabilities, application vulnerabilities, lateral movement, etc.
  • Experience creating reports with detailed penetration test findings, descriptions, reproduction steps, and mitigation recommendations.
  • Experience in reconnaissance (network & system), weaponization, exploitation, and lateral movement (post exploitation activities), Wi-Fi, malware, packet analysis, reverse engineering.
  • Ability to prioritize and re-prioritize tasks in a rapidly changing environment.
  • Strong written and verbal communication skills and a solid understanding of IT Security concepts to include security operations.
  • Knowledge of network protocols, data flows and vulnerabilities.
  • Knowledge of PCI and other industry compliance standards.

Benefits

Comp & perks
  • health insurance
  • retirement plans
  • paid time off
  • flexible work arrangements
  • professional development

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
penetration testingvulnerability assessmentsthreat analysisrisk assessmentsweb application testingsource code reviewsnetwork reconnaissanceexploiting vulnerabilitiesshell scriptingprogramming languages
Soft Skills
problem solvingplanninginterpersonal skillscommunication skillsability to prioritize tasksrecommend best practicesactionable recommendationscollaborationanalytical skillsreport writing
Certifications
OSCPCRTOCRTPOSEPGXPN