Penetration Tester

  • Posted 1 day ago | Updated moments ago

Overview

Remote
Hybrid
BASED ON EXPERIENCE
Contract - Independent
Contract - W2

Skills

PENETRATION TESTER
PENETRATION TESTING
BANKING
FINANCIAL
FINANCE
BANK
OSCP
OSCE
GPEN
CISSP

Job Details

Job Title: Senior Penetration Tester (Banking Domain)
Location: United States (Remote)
Position Type: Long Term Contract

Any Visa. C2C or Corp to Corp is okay.

Job Summary:
We are seeking an experienced Penetration Tester with a strong background in the Banking domain to join our remote team. The ideal candidate will have at least 10 years of hands-on experience in penetration testing, vulnerability assessment, and security auditing for financial institutions. This is a client-facing role requiring excellent communication skills and a consultative approach to delivering actionable insights and solutions.

Key Responsibilities:
  • Conduct advanced penetration tests on web applications, APIs, mobile applications, networks, and infrastructure for banking and financial systems.
  • Identify, analyse, and document vulnerabilities, misconfigurations, and potential exploits.
  • Develop and deliver detailed technical reports and executive summaries outlining findings, impact, and recommendations for remediation.
  • Work closely with security architects, developers, and infrastructure teams to validate fixes and implement best practices.
  • Simulate real-world cyber-attacks to assess the security posture of critical banking applications and systems.
  • Stay up to date with the latest security threats, exploits, and industry trends specific to the banking sector.
  • Provide guidance and mentorship to junior testers and collaborate with cross-functional teams.
  • Ensure compliance with industry standards (e.g., PCI DSS, FFIEC, NIST).

Required Qualifications:
  • Minimum 10 years of professional experience in penetration testing, red teaming, or offensive security.
  • Proven expertise in penetration testing within the Banking or Financial Services domain.
  • Deep understanding of common attack vectors, exploits, and mitigation techniques.
  • Proficiency with industry-standard tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, Cobalt Strike, etc.).
  • Strong knowledge of secure coding practices, application security frameworks, and threat modelling.
  • Relevant certifications preferred (e.g., OSCP, OSCE, GPEN, GWAPT, CISSP, CEH).
  • Excellent verbal and written communication skills to present findings to technical and non-technical audiences.
  • Ability to work independently and manage multiple projects remotely.

Employment Terms:
  • Visa: Open to any valid work visa in the US.
  • Engagement: C2C (Corp to Corp) or W2.
  • Location: 100% Remote (must be able to work in US time zones).

About Culinovo