Stellenbeschreibung:

This position is posted by Jobgether on behalf of First National Bank of Omaha. We are currently looking for a Senior Penetration Tester- InfoSec in United States.

This role offers the opportunity to lead offensive security initiatives and strengthen enterprise defenses across applications, APIs, and internal systems. The Senior Penetration Tester- InfoSec will serve as a trusted technical advisor, guiding cross-functional teams on secure design, risk mitigation, and compliance requirements. You will perform hands-on penetration testing, vulnerability assessments, and provide actionable recommendations to enhance security posture. This position requires deep technical expertise, strong communication skills, and the ability to influence stakeholders while mentoring junior team members. The ideal candidate will thrive in a collaborative, high-impact environment focused on proactive security and continuous improvement.

Accountabilities

• Lead and execute penetration testing of APIs, web applications, and internal/external systems.
• Coordinate testing activities with system owners and guide remediation efforts.
• Act as a subject matter expert on offensive security, secure design, and enterprise risk mitigation.
• Contribute to operating system hardening standards and secure configuration guidelines.
• Manage vulnerability management processes and ensure effective remediation.
• Evaluate and advise on adoption of new technologies with secure implementation practices.
• Provide training and consulting to business and technical teams on reducing security risks.
• Collaborate with auditors and regulators on compliance reporting and assessments.
• Recommend process improvements to strengthen overall enterprise security posture.

Requirements

• 5+ years of experience in information security, including at least 2 years of hands-on penetration testing.
• Expertise across penetration testing, vulnerability assessment, risk assessment, and secure architecture.
• Strong knowledge of application security principles, secure SDLC, and threat modeling.
• Practical experience with tools such as Burp Suite, Metasploit, Nmap, Nessus, or equivalent.
• Familiarity with regulatory frameworks (ISO 27001, PCI-DSS, FFIEC, OCC, etc.).
• Excellent communication and documentation skills, with ability to present findings to technical and non-technical audiences.
• Ability to mentor junior team members and influence cross-functional teams.
• Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience).
• Professional certifications strongly preferred: OSCP, GPEN, GXPN, CISSP, or equivalent.
• Must have unrestricted work authorization without need for future sponsorship.

Benefits

• Competitive salary and performance-based incentives.
• Comprehensive medical, dental, and vision insurance.
• 401(k) plan with company matching contributions.
• Paid time off and flexible work programs.
• Health Savings Account (HSA) and dependent care support.
• Employee banking benefits and tuition assistance programs.
• Short-term and long-term disability coverage.
• Opportunities for professional development and career growth.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly:
🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then managed by their internal hiring team.

Thank you for your interest!

 

#LI-CL1

NOTE / HINWEIS:

EN: Please refer to Fuchsjobs for the source of your application

DE: Bitte erwähne Fuchsjobs, als Quelle Deiner Bewerbung