×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Penetration Testing Engineer- VP

Job in Clifton, Passaic County, New Jersey, 07015, USA
Listing for: State Street
Full Time position
Listed on 2026-06-27
Job specializations:
  • Engineering
    Cybersecurity
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 120000 - 202500 USD Yearly USD 120000.00 202500.00 YEAR
Job Description & How to Apply Below

Who We Are Looking For

We are seeking a Senior Penetration Testing Engineer to join State Street’s Penetration Testing Team, reporting to the Penetration Testing Team Manager. This role sits within the Threat Intelligence and Assurance organization and is a deeply technical engineering position with strong hands‑on expectations.

As a subject‑matter expert in application penetration testing, you will execute detailed assessments, contribute to the design and oversight of network penetration testing with third‑party providers, and build rigorous, repeatable testing approaches that evaluate security controls and real‑world exploitability across complex systems. You will operate in a highly regulated banking environment, ensuring testing outputs are technically sound, evidence‑based, and aligned to risk and audit expectations.

Collaboration with engineering and infrastructure teams will be essential to analyze root causes, validate fixes, and drive improvements in secure system design and implementation.

What You Will Be Responsible For
  • Design and manage third‑party network penetration tests, including scoping, vendor selection, rules of engagement, quality assurance, and validation of results.
  • Lead end‑to‑end application penetration testing across internal and third‑party providers (web, API), including scoping, execution, exploitation, and retesting.
  • Perform advanced testing across authentication/authorization, business logic, injection, API abuse, crypto misuse, and access control weaknesses.
  • Establish and enforce testing standards for both internal teams and external vendors to ensure consistency, depth, and regulatory defensibility.
  • Deliver high‑quality, regulator‑ready reporting with clear exploitability, risk context, and actionable remediation guidance.
  • Lead the use of AI/LLM‑enabled testing techniques and conduct assurance testing of enterprise AI/LLM deployments (e.g., prompt injection, model abuse, data exposure risks).
  • Partner with engineering and infrastructure teams to validate remediation, reduce recurrence, and strengthen secure development and deployment practices.
What We Value
  • Technical depth with ownership, balancing hands‑on expertise with accountability for end‑to‑end outcomes across internal and external testing.
  • Strong judgment and vendor oversight, ensuring third‑party testing meets enterprise standards and delivers meaningful assurance.
  • Practical, risk‑focused mindset, prioritizing real‑world exploitability and business impact.
  • Clear, concise communication, producing executive‑ready outputs and actionable technical guidance.
  • Collaboration and partnership, working closely with engineering, infrastructure, and risk stakeholders.
  • Innovation and adaptability, particularly in applying AI/LLM techniques to offensive security challenges.
  • Continuous improvement, enhancing methodologies, playbooks, and testing consistency across internal and third‑party efforts.
Education &

Preferred Qualifications
  • 5+ years in penetration testing with strong experience across both application and network testing in high‑security/highly regulated environments.
  • Experience managing third‑party penetration testing vendors, including quality validation and outcome assurance.
  • Deep expertise in application penetration testing (web, APIs, mobile) and solid understanding of enterprise network attack paths.
  • Strong knowledge of modern architectures (cloud‑native, microservices, identity platforms, CI/CD pipelines).
  • Ability to translate technical findings into actionable, risk‑based remediation guidance and influence stakeholders.
  • Nice to have: experience using AI/LLM tools to perform network and application penetration testing and configuration/security reviews.
  • Education/Certifications (desired, not mandatory): BS/MS in relevant field; OSCP/OSEP/OSWE, GPEN/GXPN, GWAPT, PNPT, GCPN, or similar.
Additional Requirements

Hybrid schedule based on location.

Salary Range

$120,000 – $202,500 Annual (range applies to the primary specified location; other locations may differ).

Benefits

Employees are eligible to participate in State Street’s comprehensive benefits program, which includes retirement savings plan (401K) with company match;…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary