Peersight
Employers
Jobs
Companies
Top Cities
Log In
Jobs
Dog Sitter - Earn up to Service Service Desk Associate Product Tester at Home Sales Representative Service Sales Representative Service Chauffeur d School Bus Driver - Ancaster Bilingual Customer Service - French and Dog Sitter - Watch Dogs in Your Home Dog Sitters Wanted - Work from Home Dog Sitters Wanted - Get Paid to Play Sales Representative Product Tester at Home Product Tester at Home Product Tester at Home Product Tester at Home Product Tester at Home Customer Service - Work from Home Sales Representative Sales Representative Product Tester at Home Service Product Tester at Home Customer Service - Work from Home Customer Service - Work from Home In-Home Usage Tester Product Tester at Home In-Home Usage Tester Customer Service - Work from Home Bilingual Customer Service - French and Customer Service - Work from Home School Bus Driver - Richmond Hill Product Tester at Home In-Home Usage Tester In-Home Usage Tester Product Tester at Home In-Home Usage Tester Customer Service - Work from Home Customer Service - Work from Home Product Tester at Home Product Tester at Home Product Tester at Home Bilingual Customer Service - French and Customer Service - Work from Home In-Home Usage Tester Product Tester at Home Product Tester at Home Newest Jobs
Companies
Yelp ContactMonkey CareGuide Sterling-Turner Clearbanc Two Sigma Aecom WeWork Exact Media Aerotek Jane Street Doordash First Convenience Bank AsteroidX Shopify Insight Global AT&T Hatchways Creative Circle Borrowell Square Amazon Flex Clickworker Instacart Recovhub Vector Marketing Walgreens LowCostWebDesignFirm.com American Income Life Scotiabank Akira TD Bank Microsoft 51talk UnitedHealth Group Paylocity Top Hat Desjardins CI&T mappedin Mobeewave Checkout 51 GoParkr The Youth Connection Peel Regional Police Hootsuite autoTRADER.ca ScribbleLive SnapTravel Xiaomi All Companies
Top Cities
Chicago, Illinois Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs New York, New York Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Toronto, Ontario Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Vancouver, British Columbia Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Calgary, Alberta Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs San Francisco, California Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Montréal, Quebec Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Los Angeles, California Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs
Navigation
My Profile Log Out

Ethical Hacking Analyst (Manual Penetration Tester) At Bank of America

Location: Chicago, Illinois

Job Description

Job Description:



Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.


The Ethical Hacking Analyst will join a dynamic team of world class security experts to conduct application security/penetration tests of our internal/external web, mobile and web service applications, leveraging both manual techniques as well as automated tools in order to uncover and report security vulnerabilities that exist.

You will be knowledgeable with business risks associated to common security vulnerabilities and to be able to effectively communicate security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security vulnerabilities.

The ability to work independently in a very large scale, enterprise setting is a great skill to possess. Previous experience as an application security professional with a large Financial Institution a plus.

Required Skills:
  • Expert in performing Application Security, Penetration Tester (Web, Mobile, WebServices) with deep understanding of risks associated with application security vulnerabilities.
  • SME Level knowledge in the use of Application Security Scan Tools (ie BURP, AppScan, WebInspect, SOAP UI or etc)
  • Certifications (OSCP, OSCE a plus)
  • Uncommon, Niche skillset
  • Experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, services, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc)
  • Knowledge of network and Web related protocols/technologies
  • Ability to demonstrate manual web application testing experience
  • Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Accuntix, NTO Spider, Burpsuite Pro etc.)
  • Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI etc.)
  • Experience of penetration testing on mobile platforms such as iOS, Android, Windows and RIM.
  • Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C.
  • Expert-level experience and very details technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks, single sign-on technologies; exploit automation platforms; RESTful web services
  • Demonstrated ability to learn and apply critical thinking to a variety of situations
  • One or more of the following certifications: CISSO, GWAPT, CEH, OSCP (or qualified work experience)
  • Strong scripting skills (e.g. Python, Perl, Shell script, JavaScript
  • Experience as a developer
  • Mobile programming abilities such as Xcode, Objective-C
  • Knowledge of a Structured Query Language

Shift:

1st shift (United States of America)

Hours Per Week:

40