Sr. Penetration Tester
Named one of Austin’s fastest-growing companies and one of the best places to work for 10 consecutive years, Q2 offers our employees a culture fueled by engaged, motivated, and dedicated team members. We’re dedicated to our mission: to build strong and diverse communities by strengthening their financial institutions. We do it with our purpose-driven culture, and by helping banks and credit unions stand apart in their communities.
We are looking for a smart, passionate, and experienced Penetration Tester with a broad range of experience working in dynamic enterprise environments. Do you want to utilize your hard-won offensive security experience to drive security posture improvements across our organization? As a Penetration Tester, you will do that and more!
This role will be responsible for performing penetration testing, and adversary emulation. The ideal candidate will have previous experience in the following areas: network, web application, and cloud-centric penetration testing. Ability to influence change across functions and apply critical thinking skills are key success factors. Exceptional technical, communication and negotiation skills are necessary for this role, as you will need to perform advanced technical assessments, translate highly technical concepts into business impact and make remediation recommendations.
Responsibilities
- Prioritize, lead, and perform advanced penetration testing for network, web applications, business application, and cloud infrastructure
- Work closely with application development to threat model new features as they are being developed and use that as input into their white-box assessment of the application
- Guide the team in the development of technical frameworks, tools and execution of pen tests
- Build processes to coordinate pen tests and establish remediation cadence cross-functions
- Be a standout colleague who enjoys collaborating with, learning from, mentoring, and teaching other team members to create a positive work environment
- Foster a collaborative environment across diverse teams
Requirements
- At least 4 years experience in an IT or security function, with at least 2 years of hands-on experience in a penetration testing role
- Expertise in Azure, C#/ .NET
- Experience with Python, PowerShell, or similar scripting language
- Experience using industry-standard offensive security tools
- You have proven experience pen testing in web applications, network and cloud computing solution (AWS, Azure, Kubernetes)
- You have a proficiency with enterprise operating systems, including Linux and Windows
- You have practical experience with assessing encryption, IAM systems, VPN and authentication technologies
- You have extensive knowledge of TCP/IP networking and packet analysis
- You pride yourself on your proven attention to detail
- Excellent, efficient problem-solving skills
- Strong familiarity with at least one of the following OWASP Top 10, PTES, or NSA Vulnerability and Penetration Testing Standards
At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.