Penetration Testing Engineer III

Position Summary

Penetration Engineer III will manage program assessments, ensuring compliance with security requirements and federal regulations. The role conducts in-depth security assessments and penetration tests of business critical and high‑risk assets, identifies and exploits vulnerabilities, and delivers technical debriefs to enable remediation. The engineer evaluates and maintains testing tools, hardware, and equipment, creating new tools where appropriate.

Manage a program assessment (scoping) from initial planning, scheduling, and communications with systems owners and related stakeholders through to final reporting. Prepare required assessment documentation. Assist in process improvement and automation for the assessment methodology. Conduct assessments of client and contractor hardware to ensure compliance with security requirements. Analyze and determine compliance with applicable federal and legislative regulations. Partner with cyber security and development teams to identify businesses critical/high‑risk assets including web/mobile applications, servers, network, point of sales machines, and robots.

Perform in‑depth security assessments and penetration testing per OWASP top 10, SANS top 25, HIPAA, PCI DSS standards. Identify and exploit vulnerabilities in commercial, open source, and custom software applications, infrastructure, people, and processes. Compose test reports and record vulnerability data according to Governance, Risk, and Compliance (GRC) processes. Deliver technical debriefs to engineers/developers to help them fix identified vulnerabilities.

Penetration Engineer III

Job Location:

805 Moberly Lane, Bentonville, AR 72716

Perform in‑depth security assessment/penetration testing of business critical and high‑risk assets as per OWASP Top 10; manage a program assessment (scoping) from initial planning, scheduling, and communications with systems owners and related stakeholders through to final reporting; deliver technical debriefs to engineers/developers, which helps them fix identified vulnerabilities; manual and automated vulnerability assessment of web applications using Burp Suite, Post Man, Micro Focus Fortify, Nik, Skipfish, SSLScan, Dir Buster, Flagfox, Wappalyzer, Live HTTP Header, and Tamper Data, Kali Linux;

evaluate and maintain testing tools, hardware, and equipment, creating new tools where appropriate. Employer will accept any amount of experience with the required skills.

• Master’s degree or equivalent in Computer Science, Information Technology, Engineering, or related field plus 1 year of experience in information technology or related experience; OR
• Bachelor’s degree or equivalent in Computer Science, Technology, Engineering, or related field plus 2 years of experience in information technology or related experience; OR
• 4 years of experience in information technology or related experience.

• Perform in‑depth security assessment/penetration testing of business critical and high‑risk assets as per OWASP Top 10;
• Manage a program assessment (scoping) from initial planning, scheduling, and communications with systems owners and related stakeholders through to final reporting;
• Deliver technical debriefs to engineers/developers, which helps them fix identified vulnerabilities;
• Manual and automated vulnerability assessment of web applications using Burp Suite, Post Man, Micro Focus Fortify, Nikto, Skipfish, SSLScan, Dir Buster, Flagfox, Wappalyzer, Live HTTP Header and Tamper Data, Kali Linux;
• Evaluate and maintain testing tools, hardware, and equipment, creating new tools where appropriate.

Wal‑Mart is an Equal Opportunity Employer. At Walmart, we offer competitive pay with performance‑based bonus awards and other great benefits. Health benefits include medical, vision, and dental coverage. Financial benefits include 401(k), stock purchase, and company‑paid life insurance. Paid time off benefits include PTO (including sick leave), parental leave, family care leave, bereavement, jury duty, and voting. Other benefits include short‑term and long‑term disability, company discounts,…