Cybersecurity Pentester

Powering the world’s payments ecosystem

ACI powers the payments ecosystem – globally, and you power ACI. You’ll innovate, collaborate, and grow – in an energetic technology culture with decades of proven success. ACIers – in all roles and levels – are truly your colleagues and many are your friends. Our size and reach allow you to see the global impact of your work. You are visible, your talents are valued, and you are empowered to shape the future of payments.

Job Summary:

Protects the confidentiality and availability of software, systems and information owned, controlled, used and managed by the company.Responsible for performing penetration testing and vulnerability assessments within a team environment. Conducts formal tests on web-based and traditional applications, networks/infrastructure, mobile, source code reviews, threat analysis, wireless network assessments and other technology.Performs the daily operation of the team including vulnerability identification, risk assessments, vulnerability remediation, and validation testing. Will provide actionable recommendations and guidance for the business based on the assessment findings.

Job Responsibilities:

Performs internal penetration testing and external red teaming of networks, systems, and applications within agreed scope and rules of engagement.

Runs Web application vulnerability software to detect security issues in web applications.

Analyzes output of web application test scans to determine valid security issues.

Conducts regular meetings with business unit stakeholders to assess remediation efforts from the findings of the pentest.

Gathers security related information across multiple electronic, computer and development environments.Identifies, summarizes, reviews, and reports potential/actual actions that may jeopardize information security environments.

Participates in information security audits to proactively minimize and eliminate information security vulnerabilities.

Uses penetration testing methodologies to validate the remediation of vulnerabilities and misconfiguration issues.

Reviews Application Code reports on vulnerabilities.

Performs extensive internal network reconnaissance with the correlation of data from SIEM, scanning applications, network monitoring devices, host applications, etc.

Performs Web application testing focused on http/https vulnerabilities, TLS, application level like XSS, SQL, cross site scripting.

• Perform other duties as assigned
• Understand and adhere to all corporate policies to include but not limited to the ACI Code of Business Conduct and Ethics.
• Understands and complies with Risk Management program requirements including

identification of risks, key controls, and control testing as applicable to their responsibilities.

Knowledge, Skills and Experience required for the