Description

Fidelity’s Penetration Testing Team is to assure that the firm’s applications satisfy all aspects of systems security, adhere to corporate requirements, and counter-act known security vulnerabilities.

While working as part of this team, the successful individual must display a high degree of ownership for their own work and be able to quickly understand the security environment in which we operate. It is a varied and interesting role, which will give the successful applicant the opportunity to work with many business units, work closely with senior management, and gain valuable expertise in the important area of Information Security.

As a Web Application Penetration Tester, you will lead formal tests of applications on a regular basis. Along with these tests and assessments, you will collaborate with members of the Fidelity operations and development communities to provide proof of concept attacks, develop security guidance and assist in the remediation of security findings.

Responsibilities

• Lead testing efforts on Fidelity’s web and mobile applications and supporting systems.

• Replicate the actual techniques and tools used by malicious attackers in an effort to model potential external threats.

• Upon completion of the assessment, you will prepare reports and present the results to application owners, developers, and business unit information security teams.

• Analyze test results, draw conclusions from results, and develop targeted exploit examples

• Consult with operations and software development teams to ensure potential weaknesses are addressed

• Contribute to the research or development of tools to assist in the vulnerability discovery process

• Collaborate with other teams within Enterprise Cybersecurity to improve the overall security of Fidelity’s applications and infrastructure

• Stay current on security best practices and vulnerabilities