Capitol One Bank Jobs – Penetration Tester

Website Capital One

Job Description:

We are currently looking at add a Penetration Tester to our Offensive Security team. This role combines technical hands-on expertise with the ability to contribute to an overall success strategy based around innovation and results. As a Penetration Tester you will be part of a team responsible for collaborating closely with Software Engineering teams through application penetration testing and assisting remediation guidance activities to enable the UK Business.

Job Responsibilities:

  • Be part of the delivery of penetration testing / security assessments.
  • Collaborate closely with the business throughout remediation including influencing stakeholders and delivery teams on prioritisation of security activities and issue remediation.
  • Establish effective and productive relationships with colleagues across the Global Cyber organisation and technology departments as well as the UK business.
  • Empower the delivery team’s resources by promoting application security awareness and standards through training, mentoring and vulnerability demos.
  • Establish credibility throughout the organisation by earning a reputation for being a proactive member of the Cyber Security delivery team.
  • Contribute to findings, risks and conclusions that will be presented to technical and non-technical audiences.

Job Requirements:

  • Scripting and development experience is highly desirable.
  • Technical knowledge of cloud hosting and penetration testing techniques of cloud based applications. Familiarity with AWS is desirable.
  • Strong experience in penetration testing and/or application security engineering is a must.
  • Working knowledge and experience in securing and developing web applications, APIs/web services and mobile apps.
  • Familiarity with penetration testing tools such as BurpSuite, OWASP Zap, SoapUI etc.
  • Confident knowledge of Web, API and mobile application security testing frameworks and methodologies.
  • Exposure to software engineering, system and network security, authentication and security protocols, cryptography, and network/web related protocols (e.g., TCP, UDP, HTTP, HTTPS)
  • Appreciation of application security best practices including OWASP Top 10 and OWASP Mobile Top 10.
  • Experience with static analysis, security code review, security automation and security training is desirable.

Job Details:

Company: Capital One

Vacancy Type: Full Time

Job Location: London, England, United Kingdom

Application Deadline: N/A

Apply Here

 Report Job