24 Mar 2020

Full-Time Application Penetration Tester (Jacksonville/Remote)

Black Knight Financial Services – Posted by BKInc2018 Jacksonville, Florida, United States

Job Description

Black Knight is the premier provider of integrated technology, services, data and analytics that lenders and servicers look to first to help successfully manage the entire loan life cycle. Our deep understanding of regulatory and compliance issues complements the knowledge, technology and solutions we offer to help our clients achieve their business goals. Black Knight offers leading software systems; data and analytics offerings; and information solutions that facilitate and automate many of the business processes across the mortgage life cycle.

JOB FAMILY DESCRIPTION
Responsible for protecting the company from dynamic and evolving threats by coordinating and performing penetration tests. Monitors and researches emerging and advanced information security threats, as well as assesses customer data, investigating repeating trends, attacks, malicious intellectual properties, and other abnormalities. Minimizes data expo sure risks by meeting all company and regulatory requirements while developing and implementing business solutions.

This position is remote / telecommute eligible. If located in Jacksonville, FL some onsite will be required.

GENERAL DUTIES & RESPONSIBILITIES
* Detects and analyzes threat activity for the identification of advanced persistent threats and malware in real-time while also researching emerging threats.
* Coordinate Penetration testing with 3rd party vendors and to prevent possible incidents that target the company and pose an imminent risk to the company, its employees and customers.
* Plans, directs and facilitates response and recovery activities in response to a threat in software applications.
* Provides consulting services with software development teams on code vulnerabilities and completes interpretations of the risk to the company and clients.
* Conducts scan reviews a nd provides recommendations to management regarding filters, blocking, vulnerability remediation, etc.
* Research hackers and hacker techniques and provide detailed briefings and intelligence reports to management.
* Conduct analysis of intelligence data as it pertains to the application security of the Client.
* Collaborate with intrusion analysts to identify, report on, and coordinate remediation of threats to the company and its clients.
* Conducts Security vulnerability assessments of Web, Desktop Applications, and Web Services.
* Performs other related duties as assigned.

EDUCATIONAL GUIDELINES
* Bachelor’s Degree in Computer Science, Information Systems, Computer Engineering or the equivalent combination of education, training, or work experience.
* Professional certification such as CISSP, CEH, OSCP, PenTest+, GXPN, GWAPT, GPEN, GWEB, or GSSP preferred.

GENERAL KNOWLEDGE, SKILL S & ABILITIES
* Experience with Penetration Testing tools such as Burp Suite, Kali Linux, etc. preferred
* Experience with scripting languages such as Python, Selenium (Add-On), SQL syntax, Powershell, etc. preferred
* Knowledge of common application vulnerabilities (OWASP Top 10) a plus
* Experience with either Java and/or .NET (C#) development languages and code a plus
* The ability to evaluate information security risk implications
* Knowledge of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits
* Knowledge of relevant legal and regulatory requirements
* Knowledge of common information security management frameworks
* Strong understanding of developing and deploying analytical tools and technologies to cybersecurity challenges
* Ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, defend the analysis, and apply attribution to cyber threat activity
* Knowledge of computer network defense operations (e.g., proxy, firewall, IDS/IPS, router/switch, open source information collection, etc.)
* Strong background in security operations, process, solutions and technologies
* Strong understanding of policy, compliance, and best practice security principles
* Working knowledge of Linux, Windows, and / or Network Operating Systems
* Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
* Experience with enterprise risk assessment methodologies
* Results oriented, business focused, and successful at interfacing across multiple organizational units

Threat Intelligence Analyst III
Advanced professional role. Performs work that is moderate to highly complex and varied in nature. Develops integrated solutions to resolve technical and business issues. Provides direction, guidance and integration of services. May lead multiple IT security projects or participate as a team member. Works on small to large, moderately complex security issues or projects that require expertise in multiple IT functional areas.

Requires significant knowledge of security issues, techniques and implications across all existing computer platforms. May serve as a project leader for IT security projects or the security components of multi-discipline projects. Must have significant knowledge in networking, databases, systems and/or Web operations. May coach and guide more junior staff. Typically requires six (6) or more years of combined IT and security work experience with extensive exposure conducting netw ork security vulnerability assessments, penetration testing, or other related experience using advanced networking tools and security solutions as well as non-traditional techniques and methodologies and at least four (4) or more years of experience intelligence collection, analysis, and reporting process/procedures.

Black Knight is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, and protected veteran or military family status. Our employees’ diversity is our strength, and when we embrace our differences, it makes us better and brighter. Black Knight’s commitment to inclusion is at the core of who we are, and motivates us in how we do business each and every day.

How to Apply

Application URL: https://www.aplitrak.com/?adid=bWVnYW4uZ2l1ZmZvLjY0NDM3LjEwNTk0QGJsYWNra25pZ2h0ZmluLmFwbGl0cmFrLmNvbQ

Job Types: Full-Time.

Job expires in 21 days.

58 total views, 3 today

Apply for this Job