Pathward Financial Inc.
IT Security Engineer III
Pathward Financial Inc., Dallas, Texas, United States, 75215
About the Role:
We are seeking a skilled and motivated offensive focused Security Engineer to join our cybersecurity team. In this role, you will be responsible for identifying, analyzing, and exploiting vulnerabilities in various systems, networks, and applications to improve our overall security posture. You will work closely with our blue team (defensive security team) to enhance security measures and mitigate potential threats.
What You Will Do:
Penetration Testing:
Perform in-depth penetration testing of networks, web applications, APIs, mobile applications, and other systems to identify security vulnerabilities.
Red Team Operations:
Participate in or lead red team exercises to simulate advanced persistent threats (APTs) and real-world attack scenarios.
Vulnerability Assessment:
Conduct security assessments, vulnerability scanning, and analysis of systems and applications.
Reporting:
Document and report findings in a clear, concise manner, providing actionable recommendations to stakeholders for remediation.
Tool Development:
Develop, customize, and utilize tools, scripts, and exploits to assist in penetration testing activities.
Collaboration:
Work closely with the defensive security team to ensure vulnerabilities are properly mitigated and to improve overall security defenses.
Research:
Stay up-to-date with the latest cybersecurity threats, attack vectors, and vulnerabilities, and contribute to research initiatives.
Security Advisory:
Provide expert guidance and support to clients or internal teams on security best practices and risk management strategies.
Audit Support:
Assist with external information security audits for regulatory compliance with government entities such as the Office of the Comptroller of the Currency (OCC), Payment Card Industry (PCI) audits, and penetration testing.
Other duties as assigned.
What You Will Need:
Bachelor's degree or equivalent education and work experience.
Relevant certifications such as OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Expert), CEH (Certified Ethical Hacker), or similar.
5+ years of experience in penetration testing, red teaming, or a similar offensive security role.
Experience with various penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus).
Proven ability to conduct advanced red team exercises in cloud infrastructures, simulating real-world attack scenarios.
Familiarity with scripting languages (e.g., Python, Bash, PowerShell).
Extensive experience with AWS, Azure, or GCP, including security assessments and penetration testing of cloud environments.
Knowledge of advanced attack techniques (e.g., buffer overflows, privilege escalation, lateral movement).
The responsibilities listed above are not all inclusive and may be changed at any time.
#J-18808-Ljbffr
We are seeking a skilled and motivated offensive focused Security Engineer to join our cybersecurity team. In this role, you will be responsible for identifying, analyzing, and exploiting vulnerabilities in various systems, networks, and applications to improve our overall security posture. You will work closely with our blue team (defensive security team) to enhance security measures and mitigate potential threats.
What You Will Do:
Penetration Testing:
Perform in-depth penetration testing of networks, web applications, APIs, mobile applications, and other systems to identify security vulnerabilities.
Red Team Operations:
Participate in or lead red team exercises to simulate advanced persistent threats (APTs) and real-world attack scenarios.
Vulnerability Assessment:
Conduct security assessments, vulnerability scanning, and analysis of systems and applications.
Reporting:
Document and report findings in a clear, concise manner, providing actionable recommendations to stakeholders for remediation.
Tool Development:
Develop, customize, and utilize tools, scripts, and exploits to assist in penetration testing activities.
Collaboration:
Work closely with the defensive security team to ensure vulnerabilities are properly mitigated and to improve overall security defenses.
Research:
Stay up-to-date with the latest cybersecurity threats, attack vectors, and vulnerabilities, and contribute to research initiatives.
Security Advisory:
Provide expert guidance and support to clients or internal teams on security best practices and risk management strategies.
Audit Support:
Assist with external information security audits for regulatory compliance with government entities such as the Office of the Comptroller of the Currency (OCC), Payment Card Industry (PCI) audits, and penetration testing.
Other duties as assigned.
What You Will Need:
Bachelor's degree or equivalent education and work experience.
Relevant certifications such as OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Expert), CEH (Certified Ethical Hacker), or similar.
5+ years of experience in penetration testing, red teaming, or a similar offensive security role.
Experience with various penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus).
Proven ability to conduct advanced red team exercises in cloud infrastructures, simulating real-world attack scenarios.
Familiarity with scripting languages (e.g., Python, Bash, PowerShell).
Extensive experience with AWS, Azure, or GCP, including security assessments and penetration testing of cloud environments.
Knowledge of advanced attack techniques (e.g., buffer overflows, privilege escalation, lateral movement).
The responsibilities listed above are not all inclusive and may be changed at any time.
#J-18808-Ljbffr