Penetration Tester, Associate
Company: Santander Holdings USA Inc
Location: Avon
Posted on: October 9, 2024
|
|
Job Description:
Penetration Tester, AssociateCountry: United States of
AmericaThis role is the Technical/Penetration Tester within
Santander North America, covering both the US and Mexico. The
Technical Tester develops, designs, matures and executes service. A
successful candidate will have verifiable experience in offensive
security, threat hunting, attack simulation, programming, and
leadership. Strong technical capabilities and an understanding of
the application to the organization while recognizing operational
impact is important as this is a key function of the role to work
closely with defensive partners. This role is key to us maturing
and growing our overall program and will have a lot of external
visibility. Bilingual Spanish is a plus.
Responsibilities:
Provide knowledge leadership in the coordination of third parties
for Pentesting exercises.
Provide deep subject matter expertise for Ethical Hacking
Techniques.
Analyze test results and providing feedback to the owners of
services / infrastructure & stakeholders
Advanced knowledge of threat intelligence & vulnerability
management
Collaborate with various groups and individuals to follow up
remediation plans for vulnerabilities identified during automated
Pentesting exercises.
Assist in incident response efforts by providing expertise and
insights gained from ethical hacking activities to mitigate and
remediate security incidents effectively.
Maintain detailed documentation of processes, methodologies, and
findings related to ethical hacking activities.
Provides advisory support for regulatory examinations and audits by
defining the how and why for all implemented decisions; ensures all
requested documentation is provided.
Qualifications:
5+ years of relevant experience with most of the requirements
below
Extensive experience working with Offensive Security Methodologies
and Attack Simulation Techniques
Offensive Security testing tools. e.g., Cobalt Strike, Bloodhound,
Red Team Toolkit
Experience leveraging the MITRE ATT&CK Framework
Vulnerability Assessment tools. e.g., Nessus, Qualys, Rapid7
Exploitation frameworks, e.g., Metasploit, CANVAS, Core Impact
Social Engineering campaigns. e.g. email phishing, phone calls,
SET
Deep understanding of OSI model
Security devices, i.e. Firewalls, VPN, AAA systems
OS Security. e.g. Unix/Linux, Windows, OSX
Understanding of common protocols. e.g. HTTP, LDAP, SMTP, DNS
Web application infrastructure. e.g. Application Servers, Web
Servers, Databases
Web development and programming languages. e.g. Python, Perl, Ruby,
Java, .Net
Proven experience with attack simulation and threat hunting is a
must.
Advanced Microsoft Office skills preferred.
Demonstrated ability to collaborate with a variety of analytical
groups and service delivery organizations.
Advanced analytical and problem-solving skills
Consistently demonstrates clear and concise written and verbal
communication.
Preferred Certifications: PNPT, OSCP, OSCE, GXPN, GPEN, GCIH,
GWAPT, GCFA, or CISSP
Proficient in interpreting and applying policies, standards, and
procedures.
Diversity & EEO Statements: At Santander, we value and respect
differences in our workforce and strive to increase the diversity
of our teams. We actively encourage everyone to apply.
Santander is an equal opportunity employer. All qualified
applicants will receive consideration for employment without regard
to race, color, religion, sex, sexual orientation, gender identity,
national origin, genetics, disability, age, veteran status, or any
other characteristic protected by law.
Working Conditions: Frequent Minimal physical effort such as
sitting, standing, and walking. Occasional moving and lifting
equipment and furniture is required to support onsite and offsite
meeting setup and teardown. Physically capable of lifting to fifty
pounds, able to bend, kneel, climb ladders.
Employer Rights: This job description does not list all the job
duties of the job. You may be asked by your supervisors or managers
to perform other duties. You may be evaluated in part based upon
your performance of the tasks listed in this job description. The
employer has the right to revise this job description at any time.
This job description is not a contract for employment and either
you or the employer may terminate at any time for any reason.
The base pay range for this position is posted below and represents
the annualized salary range. For hourly positions (non-exempt), the
annual range is based on a 40-hour work week. The exact
compensation may vary based on skills, experience, training,
licensure and certifications and location.
Base Pay Range
Minimum:
$94,500.00 USDMaximum:
$130,000.00 USD
Primary Location: Dorchester, MA, Dorchester
Other Locations:
Massachusetts-Dorchester,Florida-Miami,Texas-Dallas
Keywords: Santander Holdings USA Inc, Nantucket , Penetration Tester, Associate, IT / Software / Systems , Avon, Massachusetts
Click
here to apply!
|