Senior Engineer, Cyber Security (Pentesting)
Indexed description
Join us as we create something extraordinary together.
Job Overview
LPL Financial Corp is seeking a Senior Engineer, Cyber Security (Pentesting) to lead and execute advanced penetration testing activities, identifying vulnerabilities and strengthening the security posture of our critical systems and applications.
Responsibilities
- Perform comprehensive penetration tests across various environments, including web applications, mobile applications, network infrastructure, cloud platforms, and APIs.
- Conduct vulnerability research and exploit development to assess the true impact of identified weaknesses.
- Develop and implement custom tools, scripts, and methodologies to enhance penetration testing capabilities.
- Collaborate with development, operations, and security teams to communicate findings, recommend remediation strategies, and validate fixes.
- Lead red team exercises and adversarial simulations to evaluate organizational defenses and incident response capabilities.
- Stay current with emerging threats, vulnerabilities, and security technologies, incorporating new insights into testing approaches.
- Mentor junior security engineers and contribute to the development of internal security best practices.
- Prepare detailed technical reports and executive summaries outlining findings, risks, and recommendations.
- Participate in security architecture reviews to provide proactive security input
Requirements
- Bachelor's degree in computer science, Information Security, or a related field; or equivalent practical experience.
- 5+ years of experience in penetration testing, ethical hacking, or offensive security roles.
- Proficiency in at least one scripting language (e.g., Python, Ruby, PowerShell, Bash). In-depth knowledge of web application vulnerabilities (OWASP Top 10) and associated testing methodologies.
- Experience with various penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Acunetix, etc.
- Understanding of network protocols, operating systems (Windows, Linux), and cloud security principles (AWS, Azure, GCP). Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001). Relevant certifications such as OSCP, OSCE, GPEN, GWAPT, or eCPPT are highly desirable.
- Exceptional written and verbal communication skills, with the ability to articulate complex technical issues to both technical and non-technical audiences. Ability to work independently and as part of a team in a fast-paced environment.
- Master’s degree
- Experience within the financial or wealth management industry
- Able to make quick decisions and resolve complex technical problems
- Ability to manage through shift changes and effectively transition open and unresolved issues.
- Ability to adapt, learn new technologies, develop new processes, and improve procedures.
- Excellent documentation skills.
- Ability to write, read, interpret, and edit complex documents and correspondence with team members and stakeholders.
- Excellent verbal and written communication skills.
- Ability to work peak, off-peak, weekend, and holiday shifts.
- Ability to communicate and respond to communication effectively with client, associates, and stakeholders.
- Ability to perform problem-solving, use logic and creative thought processes to resolve complex technical problems.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search