Salary
💰 $108,000 - $131,000 per year
Tech Stack
Assembly, AWS, Azure, Cloud, Java, Kubernetes, Linux, MySQL, Oracle, Python, Ruby, SQL, Unix
About the role
- Penetration testing of applications and infrastructure assets to identify exploitable vulnerabilities across MUFG assets
- Prepare clear and concise reporting on issues found including severity calculation, steps to reproduce, and mitigation/remediation recommendations
- Scope and perform penetration testing and vulnerability research of complex proprietary software and hardware for client services
- Create custom tool(s) and/or modify existing tool(s) to aid with automation of vulnerability detection
- Partner with infrastructure and application development teams at MUFG to ensure identified findings are understood and effectively mitigated or remediated in a timely manner
- Continuously research new exploitation/attack techniques against technology stack(s) currently being used across MUFG
- Continuously develop skills using MUFG-provided training and other resources; maintain familiarity with industry trends and security best practices
- Assist with the development of an internal training program for all levels of penetration testers
- Provide technical training and guidance to junior and peer team members
Requirements
- Bachelor’s degree in computer science or a related field, applicable specialized training, or equivalent work experience (all equally preferable)
- 3+ years of experience in application and infrastructure penetration testing, utilizing industry-standard penetration-testing methodologies and security concepts such as OWASP and the MITRE ATT&CK framework
- Operational experience penetration testing two or more of the following technology areas: network infrastructure (routers, switches...); security products and services (FW, IDS, IPS, AV...); Active Directory; servers, services, desktops and mobile devices; operating systems (Windows, Unix/Linux/AIX); databases (MySQL, SQL, DB2...); cloud and container technologies like AWS, Azure, Oracle and Kubernetes
- Operational experience with one or more programming languages including Java, C#, C, C++, Assembly desired, but not required
- Operational experience in one or more of these areas: Post exploitation, exploitation development, or binary reverse engineering
- 3+ years of experience employing testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire, AutoSploit, Ghidra, IDA Pro, OllyDbg, Fiddler
- 1+ years of experience in scripting languages such as Python, PowerShell, Bash, and/or Ruby desired, but not required, including experience using automated tools and manual testing techniques
- Excellent communication and report-writing skills
- Ability and willingness to work at MUFG office or client sites four days per week and remotely one day
- Visa sponsorship/support is not anticipated for this position (work authorization likely required without sponsorship)