Penetration Tester, Associate Vice President
MUFG
full-time
Posted on:
Location Type: Hybrid
Location: Tempe • Arizona, Florida • 🇺🇸 United States
Visit company websiteSalary
💰 $108,000 - $131,000 per year
Job Level
JuniorMid-Level
Tech Stack
AssemblyAWSAzureCloudJavaKubernetesLinuxMySQLOraclePythonRubySQLUnix
About the role
- Scope and perform penetration testing and vulnerability research of complex proprietary software and hardware for client services
- Prepare clear and concise reporting on issues found including severity calculation, steps to reproduce, and mitigation/remediation recommendations
- Create custom tool(s) and/or modify existing tool(s) to aid with automation of vulnerability detection
- Partner with infrastructure and application development teams at MUFG to ensure identified findings are understood and effectively mitigated or remediated in a timely manner
- Continuously research new exploitation/attack techniques against technology stack(s) currently being used across MUFG
- Continuously develop your skills from various resources, including MUFG provided training
- Assist with the development of an internal training program for all levels of penetration testers to grow and develop the technical skills needed to be proficient
- Provide technical training and guidance to junior and peer team members
Requirements
- Bachelor’s degree in computer science or related field; applicable specialized training; or equivalent work experience - equally preferable
- Operational experience penetration testing two or more of: Network infrastructure (Routers, switches...), Security products and services (FW, IDS, IPS, AV...), Active Directory, servers, services, desktops and mobile devices, Operating System (Windows, Unix/Linux/AIX), Databases (MySQL, SQL, DB2...), Cloud and container technologies like AWS, Azure, Oracle and Kubernetes
- 3+ years of experience in application and infrastructure penetration testing, utilizing industry-standard penetration-testing methodologies and security concepts such as OWASP, and the MITRE ATT&CK framework
- Operational experience with one or more programming languages including Java, C#, C, C++, Assembly desired, but not required
- Operational experience in one or more of: Post exploitation, exploitation development, or binary reverse engineering
- 3+ years of experience employing testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire, AutoSploit, Ghidra, IDAPro, OllyDbg, Fiddler
- 1+ years of experience in scripting languages such as Python, PowerShell, Bash, and/or Ruby desired, but not required
- Excellent communication and report-writing skills
- Visa sponsorship/support is based on business needs; employer does not anticipate providing visa sponsorship/support for this position
Benefits
- discretionary performance-based bonus and/or incentive compensation
- comprehensive health and wellness benefits
- retirement plans
- educational assistance and training programs
- income replacement for qualified employees with disabilities
- paid maternity and parental bonding leave
- paid vacation, sick days, and holidays
- Total Rewards program providing a competitive benefits package
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
penetration testingvulnerability researchnetwork infrastructuresecurity productsoperating systemsdatabasesprogramming languagesscripting languagesexploitation developmentbinary reverse engineering
Soft skills
communication skillsreport-writing skillstechnical trainingguidancecollaboration