Red Team - Penetration Testing Engineer

  • Competitive
  • Charlotte, NC, USA Charlotte NC US
  • Permanent, Full time
  • Bank of America Corporation
  • 18 Mar 18 2018-03-18

Red Team - Penetration Testing Engineer

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities via vulnerability assessment, penetration testing, and/or social engineering across a wide variety of platforms and systems. Clearly outlines and documents risk impacts of test findings in reports. Assists Lines of Businesses with questions regarding vulnerabilities and remediation efforts.

Successful candidate will be a team-oriented individual with excellent communication skills at explaining the "so what?" of a vulnerability issue to a non-technical audience.

Individual will be expected to work with other members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses.

Required Skills:
Must possess 5 + years of experience in the following areas:

  • Must have experience and be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, etc)
  • Must be a subject matter expert in the principles of all-source intelligence analysis and the associated tools (Maltego, ReconNG, etc)
  • Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds
  • Must be able to convincingly demonstrate a passion for all matters Information Security in general and Red Teaming and penetration testing in particular

1st shift (United States of America)

Hours Per Week: