
Sr Penetration Tester

Job in Brooklyn, Cuyahoga County, Ohio, USA
Listing for: KeyBank
Full Time position
Listed on 2025-12-19
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant, Systems Engineer, Cloud Computing
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below
Position: Sr Application Penetration Tester

Location: 4910 Tiedeman Road, Brooklyn Ohio

Job Profile Summary

Serves as a senior technical lead for application security pen tests, secure code reviews, application design reviews, threat modeling, and processes, tools, and security automation for the Corporate Information Security (CIS) Cyber Application and Cloud Defense team. Works closely with cloud, SaaS, and policy as code programs to ensure secure configuration baselines are defined, implemented, and monitored. All associated efforts are to promote and advance information security processes and culture, and must reflect compliance with best practices, applicable federal and industry regulations, as well as company information security policies and standards.

Job Description

Required Qualifications
  • Bachelor's degree preferred; equivalent experience of 8 or more years of combined experience within information technology or information security is acceptable
  • Qualified candidate will have 8+ years of broadly based progressive experience in information systems or information security environments or software engineering
  • Qualified candidate must have experience or be well-versed in development technologies such as Java, Node, or .NET frameworks and have a thorough understanding of web application design and frameworks.
  • Qualified candidate must be able to perform comprehensive static, dynamic, and manual application testing following industry-standard testing methodologies and have experience with one or more application review tools such as Snyk, Fortify, Checkmarx, Veracode, Burp Suite, WebInspect, Prisma Cloud, Prisma Compute, Cortex Cloud, CI/CD pipelines, or GitLab security scanners.
  • Ability to be a technical lead for an enterprise-wide information security program and processes related to comprehensive application security testing, secure application design, application threat modeling, cloud security, SaaS security, and AI security.
  • A strong drive to follow new and emerging technologies and application design patterns, assess potential risks, and proactively drive adoption and implementation of appropriate controls by development and infrastructure teams
  • Must be able to use command line tools on Mac workstations.
  • Ability to write shell scripts, Python scripts, PowerShell scripts, and CI/CD pipeline tasks, and to implement automation workflows using APIs
  • Ability to build and sustain collaborative relationships with multiple constituencies
  • Ability to translate information security terminology into terms understandable to diverse groups
  • Excellent written and oral communication skills
  • Excellent analytical and problem-solving skills
  • Excellent facilitation and negotiation skills
  • Ability to work independently
  • Ability to multi-task and manage competing priorities
  • Detail oriented
  • Commitment to teamwork
  • Ability to drive Continuous Improvement efforts
Preferred Skills
  • Background in application security, application design patterns, DevSecOps practices, cloud security, SaaS security, and AI security
  • Strong technical knowledge of application development practices and ability to work closely with development and infrastructure teams
  • Ability to threat model applications and emerging technologies
  • Knowledge of existing AI design patterns, risks, and controls
  • Knowledge of AI-related attacks and ability to pen test applications using AI technology
  • Able to guide application and infrastructure teams on application security remediation
  • Able to manage development projects with work intake, sprints, and planned releases
  • Background in information security and/or organizational communication within the financial services industry
  • Understanding of federal and industry regulations associated with information security, such as Sarbanes-Oxley, HIPAA, GLBA, etc.
  • Understanding of application security and cloud security frameworks and standards, such as NIST, CIS, CSA, OWASP, etc.
  • Knowledge of systems architecture such as network and distributed systems, and/or mainframe systems
  • Knowledge of security services such as firewalls, IDS, vulnerability assessment, and authentication
  • Professional certification (GWAPT, OSWE, BSCP, CISSP, or Google Professional Cloud Security…