Senior Penetration Tester, Assistant Vice President

  • MUFG,
  • Monterey Park, CA
company banner
Systems / Technology
Full Time
Work from home not available Travel not required

Job Description

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2018) with total assets of over $2.9 trillion (106.2 (JPY) as of March 30, 2018) and 150,000 colleagues in more than 50 countries. In the U.S., we're 13,000 strong, working together to positively impact every customer, organization, and community we serve. We achieve this by delivering on our values, putting people first, fostering long-term relationships built on honesty and mutual understanding, and inspiring the best in each other. This is all part of our inclusive, high-performing culture supported by Total Rewards that include our cash balance pension plan. Join a team that's working to fulfill its vision to be the world's most trusted financial group.


We are looking for someone passionate and enthusiastic about penetration testing to join our team. We are a highly focused team, delivering exceptional results utilizing cutting edge tools and techniques.

Major Responsibilities:

The Senior Penetration Tester is a key position in safeguarding the bank's assets and reputation. Specifically, the position is responsible for:

  • Perform penetration testing on an ongoing and project basis

  • Ensure scope of security testing is accurate and complete

  • Document and communicate findings to stakeholders

  • Provide consultative service for business and development teams

  • Provide mentoring within penetration testing team

  • Contribute to application security strategy and tooling

  • Maintain knowledge and skillset relevant to trends in the industry

  • Contributing to the teams continuous improvement efforts
Required Qualifications

  • Expert level experience with web penetration testing

  • Ability to automate tasks and enhance common tools

  • Ability to risk rate and documenting technical issues.

  • Core IT engineering familiarity; system and network security, authentication and security protocols, and applied cryptography

  • Scripting or programming skills (Python, Powershell, Java, JS, etc.)

  • Strong network and web protocol knowledge

  • Advanced experience with application layer assessment tools, such as local proxies and fuzzers

  • Strong understanding of Unix, Windows and network security

  • Ability to work both independently and in a highly collaborative team environment

  • Able to clearly communicate security risks to both technicaldevelopers and business audiences

Beneficial Qualifications

  • Professional software development experience (1+ year)

  • Advanced level experience with mobile penetration testing

  • Financial industry experience or practical knowledge of financial and industry regulations and frameworks

  • OSCP, OSCE, GWAPT, GCIH, GPEN, CISSP certification is helpful, but not required

  • Network penetration testing (external & internal), to include vulnerability exploitation and pivoting to gain remote system access

  • Experience with Red Team or full scope exercises

  • Strong understanding of Secure Development Lifecycle and integrated security testing

  • Experience with source code review, wireless security, reverse engineering, static and dynamic security testing tools, or threat modeling

The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for certain offenses.

Company Information

With its Americas headquarters located in New York City, MUFG combines the strengths and histories of Tokyo-based global powerhouse The Bank of Tokyo-Mitsubishi UFJ, Ltd. and other MUFG entities in the Americas, including California-based Union Bank. Together we offer banking solutions to customers across the United States, Canada, and Latin America. Our 14,000 colleagues based in the Americas leverage our regional presence, expertise and global network to unlock financial and business opportunities for our individual, commercial and corporate businesses, and institutions. Our deeply rooted values in integrity, respect, service, collaboration, inclusion and stewardship ensure that our focus is always on service to our customers and communities. MUFG is one of the world’s leading financial groups. With over 350 years of growing the financial health of the world’s greatest businesses, Mitsubishi UFJ Financial Group (MUFG) has a global network of 1,100 offices and 300 entities in more than 40 countries. Our promise is simple. We serve our communities, foster economic growth and aim to become the preferred trusted financial advisers to our customers. Together, we have the unmatched expertise and global capabilities to meet the diversified needs of all our customers in the Americas and worldwide.
Dice Id : uboc
Position Id : 10023867-WD-SECONDARY-63