Expoint - all jobs in one place

המקום בו המומחים והחברות הטובות ביותר נפגשים

Limitless High-tech career opportunities - Expoint

Bank Of America Senior Manual Ethical Hacker 
Ireland, Dublin 
210314291

25.06.2024


Responsibilities:

  • Understanding the requirements of our applications and why/how we use them.
  • Testing applications using a variety of tools to identify vulnerabilities that could expose the Bank to risk
  • Monitoring existing and proposed security standard setting groups
  • Conducting meetings to communicate the findings and implications and set realistic timescales for remediation
  • Providing technical support to clients, management and staff throughout risk assessments and the implementation of appropriate data security procedures and products
  • Acting as a SME, providing guidance and knowledge to reduce the vulnerabilities and risk when apps are being created
  • Sharing knowledge with technical and non-technical colleagues through training sessions
  • Risk management

What we are looking for:

  • One or more of the following certifications(desirable): CISSP, CJEH, OSCP or qualified work experience
  • Proven professional experience in Ethical Hacking or Cyber Security
  • Expert level experience and very detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; applications session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services.
  • Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, can use scripting/coding techniques, proficiently execute common penetration testing tools, triage and support incidents, and produce high-value findings
  • Experience in conducting web application ethical hacking assessments.
  • Ability to demonstrate manual web application testing experience i.e. must be able to simulate a SQL inject/Cross-site script attack without the use of tools
  • Knowledge of network and Web related protocols/technologies (e.g. UNIX/LINUX, TCP/IP, Cookies)
  • Experience with vulnerability assessment tools and penetration testing techniques
  • Solid programming/debugging skills.
  • Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map
  • Ability to learn and apply critical thinking in a variety of situations.
  • Effective written and oral communication skills
  • Ability to multitask and handle multiple projects

Nice to have:

  • Scripting skills desirable

  • Private healthcare for you and your family plus an annual health screen to help you manage your physical wellness with the option to purchase a screen for your partner
  • Competitive pension plan, life assurance and group income protection cover if you become unable to work as a result of a disability or health reasons
  • 20 days of back-up childcare and 20 days of back-up adult care per annum
  • The ability to change your core benefits as well as the option of selecting a variety of flexible benefits to suit your personal circumstances including access to a wellbeing account, travel insurance, critical illness etc.
  • Access to an Employee Assistance Program for confidential support and help for everyday matters
  • Access to free counselling through the Employee Assistance Program and virtual GP services through our private health care plan
  • Ability to donate to charities of your choice and the bank will match your contribution
  • Opportunity to access our Arts & Culture corporate membership program and receive discounted entry to some of Ireland’s most iconic cultural institutions and exhibitions.
  • Opportunity to give back to your community, develop new skills and work with new groups of people by volunteering in your local community.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.