Talent.com
No longer accepting applications
Application Security Penetration Tester

Application Security Penetration Tester

Charles SchwabPHOENIX, Arizona, United States
16 days ago
Job type
  • Full-time
Job description

Position Type : Regular

Your opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

The Schwab Cybersecurity Services team is seeking an Application Penetration Tester.  This is an excellent opportunity to work with a growing team of Application Security professionals who strive to deliver solutions that exceed the expectations of our clients and measurably improve Schwab’s risk management practices.

You will work closely with application development teams other teams within application security, and other cyber security teams to foster the development of secure, resilient, and reliable software for external users and Schwab’s internal workforce.

Lead testing efforts on web and mobile applications and supporting systems.

  • Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats.
  • Upon completion of the assessment, you will prepare reports and present the results to application owners, developers, and business unit information security teams.
  • Analyze test results, draw conclusions from results, and develop targeted exploit examples.
  • Consult with operations and software development teams to ensure potential weaknesses are addressed.
  • Contribute to the research or development of tools to assist in the vulnerability discovery process.
  • Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of applications and infrastructure.
  • Stay current on security best practices and vulnerabilities.

What you have

Required Qualifications :

  • Bachelor’s degree
  • 5+ years of IT experience
  • Preferred 3+ years of hands-on web application penetration testing / ethical hacking experience
  • Preferred : OSCP, GWAPT, GXPN, GPEN, LPT, CEH, CISSP or other industry security certifications.
  • Ability to demonstrate manual testing experience including all of OWASP Top 10
  • Intermediate knowledge of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
  • Technical knowledge of, and the ability to recognize, various types of application security vulnerabilities.
  • Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, BackTrack, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider
  • Intermediate knowledge of a programming or scripting language such a C, C#, Python, Objective C, Java, Javascript, SQL,
  • Intermediate knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX
  • Intermediate knowledge of web frameworks, including XML, SOAP, J2EE, JSON and Ajax
  • Experience with Enterprise Java or .NET web application frameworks, including Struts and Spring
  • Proven analytical and problem-solving skills, as well as the desire to assist others in solving issues
  • Excellent interpersonal skills with a strong interest in the application security domain
  • Excellent communication and presentation skills and a proven ability to communicate threats and facilitate progress towards long-term remediation.
  • Highly motivated with the willingness to take ownership / responsibility for their work and the ability to work alone or as part of a team.

    • In addition to the salary range, this role is also eligible for bonus or incentive opportunities.

    What’s in it for you

    At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

    We offer a competitive benefits package that takes care of the whole you – both today and in the future :

  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance
    • Create a job alert for this search

    Penetration Tester • PHOENIX, Arizona, United States

    Related jobs
    Penetration Tester (Team Lead)

    Penetration Tester (Team Lead)

    Charterhouse Pte LtdSingapore, Michigan, Singapore
    Full-time
    Tester (Team Lead) - Min 8 years.Available junior penetration tester roles for candidates with lesser experience.We are looking for a Lead to guide and oversee advanced penetration testing and red ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Architect – Application Security / Threat Modeling

    Security Architect – Application Security / Threat Modeling

    Vaco by HighspringGlendale, Arizona, United States
    Permanent
    Vaco has partnered with a growing, product-driven company in the health & wellness space that’s actively maturing their security posture as they expand into new global markets.This newly defined Se...Show moreLast updated: 30+ days ago
    Application Security Architect

    Application Security Architect

    DatavantUnited States
    Remote
    Full-time
    Datavant is a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. We are a data logistics company for healthcare whose products...Show moreLast updated: 30+ days ago
    Senior Security Engineer, Application Security

    Senior Security Engineer, Application Security

    Trail of BitsUS
    Remote
    Full-time
    Quick Apply
    Founded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challengi...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Specialist, MAST Application Penetration Tester

    Senior Specialist, MAST Application Penetration Tester

    KPMGTempe, AZ, United States
    Full-time
    KPMG Advisory practice is currently our fastest growing practice.We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market envi...Show moreLast updated: 23 hours ago
    Associate Penetration Tester

    Associate Penetration Tester

    FortraUnited States
    Full-time
    Ready to join us? Let's get started.The Associate Penetration Tester is responsible for performing security-related services for Digital Defense clients. Within Offensive Security Operations, the As...Show moreLast updated: 30+ days ago
    Associate Director, Application Security

    Associate Director, Application Security

    AIA SingaporeSingapore, Michigan, Singapore
    Full-time
    Associate Director, Application Security.At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone. As pioneering innovators for over 100 years, we’re now...Show moreLast updated: 30+ days ago
    Application Security Officer (Cloud Security, Cyber-Security, DevOps Infrastructure Security)

    Application Security Officer (Cloud Security, Cyber-Security, DevOps Infrastructure Security)

    Antaes Consulting SASingapore, Michigan, Singapore
    Permanent
    Application Security Officer (Cloud Security, Cyber-Security, DevOps Infrastructure Security).Manage the risks of the Cloud-related projects. Act as an IT Risk, Continuity & CyberSecurity Lead on th...Show moreLast updated: 30+ days ago
    Application Security Architect

    Application Security Architect

    Cross Boarder TalentsTempe, Arizona, United States
    Permanent
    Location : Tempe, AZ Employment Status : Permanent Department : IT and Computer Job descriptionSummary of This Role Responsibilities range from auditing code, architecture and databases used in custom...Show moreLast updated: 30+ days ago
    Application Security Engineer

    Application Security Engineer

    PodiumUS
    Remote
    Full-time
    At Podium, our mission is to help local businesses win.Our lead conversion platform, powered by AI and integrations, helps local businesses convert leads faster, communicate easier, and make more s...Show moreLast updated: 30+ days ago
    Sr Security Engineer, Stores Penetration Testing

    Sr Security Engineer, Stores Penetration Testing

    Amazon.com Services LLCUS, TX
    Full-time
    Amazon’s Stores Penetration Testing Team is seeking a Senior Security Engineer to help keep Amazon secure for its customers. In this role, you will attack Amazon’s services, applications, and websit...Show moreLast updated: 30+ days ago
    Penetration Tester

    Penetration Tester

    AiritosUS
    Temporary
    Quick Apply
    Penetration Tester Location : Remote in PST, MST or CST Type : 6 Month Contract to Hire Position Overview : The primary responsibility of the Sr. DevSecOps Engineer – Cyber Security i...Show moreLast updated: 30+ days ago
    Mobility Application Security

    Mobility Application Security

    GBIT,US
    Full-time
    Mobility Application Security requirements (Mobility Development Security Life cycle, Encryptions, Regularity compliance, offline storage etc. Mobility Device Management requirements - MDM .Secured ...Show moreLast updated: 30+ days ago
    Application Security Engineer

    Application Security Engineer

    ASM ResearchRemote, US
    Remote
    Full-time
    Evaluates application security in all phases of the software development life cycle.Works closely with team members to define application security best practices, performs software architecture and...Show moreLast updated: 30+ days ago
    Manager, Application Security

    Manager, Application Security

    Starhub LtdSingapore, Michigan, Singapore
    Full-time
    Press Tab to Move to Skip to Content Link.Select how often (in days) to receive an alert : .The role is responsible for designing, developing, and implementing secured application architecture.As an ...Show moreLast updated: 30+ days ago
    Application Security Architect

    Application Security Architect

    PayPalScottsdale, AZ, United States
    Full-time
    The CompanyPayPal has been revolutionizing commerce globally for more than 25 years.Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, P...Show moreLast updated: 30+ days ago
    • Promoted
    Application Security Engineer

    Application Security Engineer

    VirtualVocationsScottsdale, Arizona, United States
    Full-time
    A company is looking for a mid to senior-level Application Security Engineer to identify, validate, and remediate security risks across a multi-language environment. Key Responsibilities Own and d...Show moreLast updated: 30+ days ago
    IT Security Tester

    IT Security Tester

    Cullerton GroupRemote, IL, US
    Remote
    Part-time
    Quick Apply
    Cullerton Group has a new opportunity for an IT Security Tester.This is a part-time job, 10 - 20 hours / week.The work will be done remotely. Based on the Chicagoland area and capable of working remo...Show moreLast updated: 30+ days ago