Penetration Testing Consultant

🕒 vor 10 Tagen

🤠 Texas – Remote

🤠 Texas – Remote

💵 $88.800 - $165.600 / Jahr

⏰ Vollzeit

🟡 Mittelstufe

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

BMO U.S.

WebsiteLinkedInAlle Stellen

5001 - 10000 Mitarbeiter

🏦 Bankwesen

💸 Finanzen

💳 Fintech

Banking • Finance • Fintech

Bei BMO ist Bankgeschäft unser persönliches Engagement, Menschen in jeder Phase ihres finanziellen Lebens zu unterstützen.

Beschreibung

• Provides information security consulting services for BMO overall and businesses/groups. • Liaises with stakeholders to understand problems and opportunities and enables BMO to meet its goals by understanding business vision, objectives and KPIs • Facilitates discussions and follows a disciplined approach to plan, elicit, analyse, document, communicate and manage initiatives and issues with stakeholders by applying a variety of elicitation techniques to probe, challenge and understand associated risks. • Develops and champions information security best practices, including staying abreast of industry information security and business trends through benchmarking and/or participation in professional associations. • Tracks metrics and milestones, providing recommendations for resolution and escalating as appropriate when issues arise. • Creates professional presentations and deliver them in a meaningful concise way.

🎯 Anforderungen

• Min of 3+ years experience with Manual Penetration Testing experience in Web or API • Strong exposure for testing Web applications in the following areas: A solid grasp of HTTP/S protocols, headers, cookies, sessions, and CORS behavior within your web testing experience • Experience testing authentication and authorization mechanisms (OAuth, JWT, session flaws, IDOR/BOLA) • Strong proficiency with Burp Suite Professional, OWASP ZAP, IBM’s APP SCAN (proxying, repeater, intruder, extensions) • Deep practical knowledge of OWASP Top 10 (Web + API) and common vulnerabilities • Ability to identify and exploit business logic vulnerabilities and multi-step attack paths • Preference for candidates who have at least one certification in a related field, with strong preference for Information security certifications from a well-recognized institution (e.g. OSCP, GMOB, GWAPT, OSWE) • Secure coding and architecture understanding • Proficiency in at least one scripting language • Proficiency in documenting reproducible steps for technical accurate findings

🏖️ Vorteile

• Health insurance • Tuition reimbursement • Accident and life insurance • Retirement savings plans