🌎
This job posting isn't available in all website languages

Cybersecurity Pentester

📁
Computer Ops
📅
732 Total Views
Apply for Job
Recommend to a Friend
Sign Up for Job Alerts

Join Us as We Make Possibilities Happen
 

Every action we take as 1ACI redefines what’s possible. As Innovators, we Envision possibilities. As Developers, we Build possibilities. As Leaders, we Empower possibilities.

At ACI, we’re not just driving payments at the speed of change.

We’re Making Possibilities Happen.

 

Our people are the core of our business. Our 1ACI team represents a globally diverse, passionate and dedicated group of thousands of individuals around the world who share a common commitment to making our customers successful by driving the future of payments. As a Penetration Tester in Omaha or Norcross you can help make possibilities happen.


Summary:

Protects the confidentiality and availability of software, systems and information owned, controlled, used and managed by the company. Responsible for performing penetration testing and vulnerability assessments within a team environment. Conducts formal tests on web-based and traditional applications, networks/infrastructure, mobile, source code reviews, threat analysis, wireless network assessments and other technology. Performs the daily operation of the team including vulnerability identification, risk assessments, vulnerability remediation, and validation testing. Will provide actionable recommendations and guidance for the business based on the assessment findings.


Responsibilities:
  • Understands and adheres to all corporate policies to include but not limited to ACI Code Business of Conduct and Ethics and Global Information Security.
  • Performs internal penetration testing and external red teaming of networks, systems, and applications within agreed scope and rules of engagement.
  • Runs Web application vulnerability software to detect security issues in web applications.
  • Analyzes output of web application test scans to determine valid security issues.
  • Conducts regular meetings with business unit stakeholders to assess remediation efforts from the findings of the pentest.
  • Gathers security related information across multiple electronic, computer and development environments.
  • Identifies, summarizes, reviews, and reports potential/actual actions that may jeopardize information security environments.
  • Participates in information security audits to proactively minimize and eliminate information security vulnerabilities.
  • Uses penetration testing methodologies to validate the remediation of vulnerabilities and misconfiguration issues.
  • Reviews Application Code reports on vulnerabilities.
  • Performs extensive internal network reconnaissance with the correlation of data from SIEM, scanning applications, network monitoring devices, host applications, etc.
  • Performs Web application testing focused on http/https vulnerabilities, TLS, application level like XSS, SQL, cross site scripting.
  • Perform other duties as assigned.
  • Understand and Adhere to all Corporate Policies to include but not limited to ACI Code of Ethics and Global Information Security.

Minimum Requirements:

  • Bachelor's degree in computer science, MIS, or related field or equivalent experience.
  • 1-3 years’ experience in information security in various security disciplines.
 

Preferred Skills:

  • Possess one of the following or ability to obtain one of the following certifications within one year of hire; CEH, OSCP, GPEN, OSCE, CISSP
  • Solid understanding of OWASP and other software security best practices.
  • Strong technical ability in both manual and automated approaches to penetration testing.
  • Knowledge of threat modeling methodologies.
  • Knowledge of social engineering techniques and methodologies.
  • Detailed knowledge and experience with exploiting vulnerabilities in a corporate (enterprise) environment.
  • Experience with assessment tools, such as scanners, administrative utilities, local proxies, debuggers, fuzzers, etc.
  • Excellent problem solving, planning and interpersonal skills.
  • Ability to interpret internal and external business challenges and recommend best practices.
  • Skilled experience with major operating systems, such as Windows, UNIX, Linux OS including administration and security.
  • Intermediate experience with multiple penetration tools, such as: Burp, OWASP ZAP, NMAP, OpenVAS, OpenSSL, Cobalt Strike, SQLmap, Pupy, Mimikatz, Metasploit, etc.
  • Intermediate experience with programming languages, shell scripting to automate tasks, such as C++, Perl, and Python or Ruby.
  • Knowledge of attack method types and their usage in targeted attacks, such as malware, vulnerabilities, application vulnerabilities, lateral movement, etc.
  • Experience creating reports with detailed penetration test findings, descriptions, reproduction steps, and mitigation recommendations.
  • Experience in reconnaissance (network & system), weaponization, exploitation, and lateral movement (post exploitation activities), Wi-Fi, malware, packet analysis, reverse engineering.
  • Ability to prioritize and re-prioritize tasks in a rapidly changing environment.
  • Strong written and verbal communication skills and a solid understanding of IT Security concepts to include security operations.
  • Knowledge of network protocols, data flows and vulnerabilities.
  • Knowledge of PCI and other industry compliance standards.
 

Benefits:  In return for your expertise, we offer growth, opportunity, and a competitive compensation and benefits package in a casual work environment.

 

Are you ready to help us transform the world of electronic payments? To learn more about ACI Worldwide, visit our web site at www.aciworldwide.com.

 

ACI Worldwide is an AA/EEO employer in the United States, which includes providing equal opportunity for protected veterans and individuals with disabilities, and an EEO employer globally.


Previous Job Searches

Activity Feed

4720
Job shares through ACI Worldwide
Someone applied to the Software Engineer position as a result of a referral. Less than a minute ago
Someone applied to the Technical Support Analyst position. About a minute ago
Someone applied to the Software Engineer position as a result of a referral. 2 minutes ago
Someone applied to the Software Engineer position as a result of a referral. 2 minutes ago
Someone applied to the Sr Quality Assurance Engineer position. 42 minutes ago