Back to search
Motion Recruitment Linkedin · Posted 28d ago

Testing Specialist

Charlotte

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Job Title: Pen Tester/ Penetration testing

Job Location: Charlotte, NC 28262 (Hybrid).

Job Duration: 12 months (possibility of extension)


Summary:

Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Cyber Security Research Engineer in

Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract opportunity that includes a competitive benefit package! Our client has been around for over 150 years and is continuously innovating in today's digital age. If you want to work for a company that is not only a household name, but also truly cares about satisfying customers' financial needs and helping people succeed financially, apply today.


Responsibility

  • Consult on or participate in moderately complex initiatives and deliverables within Cyber Security Research and contribute to large-scale planning related to Cyber Security Research deliverables.
  • Review and analyze moderately complex Cyber Security Research challenges that require an in-depth evaluation of variable factors.
  • Contribute to the resolution of moderately complex issues and consult with others to meet Cyber Security Research deliverables while leveraging solid understanding of the function, policies, procedures, and compliance requirements.
  • Collaborate with client personnel in Cyber Security Research.
  • Conduct application penetration testing across browser-based/web applications, APIs, and mobile applications (and where applicable mainframe and thick client applications) using primarily manual techniques supplemented by automated tools; include authentication/authorization testing and business-logic abuse cases where applicable
  • Configure and tune automated tools to support testing, improve coverage, and accelerate discovery (as a complement to manual testing)
  • Perform deep defect analysis by reproducing, validating, and safely demonstrating impact (including chained attack paths when applicable); triage and disposition false positives from automated tooling
  • Produce clear, reproducible technical reports with evidence (steps to reproduce, impacted components/endpoints, and risk/impact) and practical remediation guidance
  • Collaborate with application and security teams to ensure shared understanding of defects, prioritization, and remediation paths; support defect walkthroughs and follow-up questions as needed
  • Support continuous improvement of testing methodologies and processes leveraging industry standards and best practices
  • Collaborate with other members of the team to share knowledge and complete peer reviews of reports
  • Communicate findings and risk clearly to technical and non-technical stakeholders; support readouts, status updates, and remediation Q&A


Required Skills & Experience

  • 4+ years of Cyber Security Research experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education.
  • 2+ years of Cybersecurity Research experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 2+ years of hands-on application penetration testing experience (manual testing required), beyond reviewing/validating automated scanner results
  • 2+ years of Dynamic Application Security Testing (DAST) experience, including tool configuration/tuning and manual verification of findings


Desired Skills & Experience

  • Advanced experience with testing tools such as Burp Suite, Invicti, WebInspect, and Fiddler (and applying them to web, API, mobile, and thick client testing as applicable)
  • Strong knowledge of application security and common vulnerabilities (OWASP Top 10)
  • Experience with scripting and automation (e.g., Python, Shell)
  • Knowledge of security best practices and compliance standards (e.g., PCI DSS, GDPR)
  • Excellent communication skills and the ability to collaborate effectively with cross-functional teams
  • Strong problem-solving and analytical skills
  • Demonstrated knowledge of AI/ML-enabled applications and common security risks (for example, prompt injection, sensitive data exposure, and insecure integrations)
  • Security certifications such as OSCP, BSCP, GWAPT, GPEN, GXPN or equivalent are a plus


Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent