Cyber Pentest Sr Analyst

About The Position

Requirements

• Bachelor's Degree required or equivalent experience in Information Technology or Computer Science discipline.
• AWAE/OSWE, OSCP, CEH, GWAPT, or GPEN security certifications preferable.
• 2+ years of experience conducting security assessments in a secure SDLC workflow, such as Security Architecture Analysis, Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST).
• Experience of using a variety of application security tools such as Burp Suite, GitHub Advanced Security, SQLMap, SSLyze, etc.
• Understanding of security protocols, cryptography, authentication, authorization, and security relative to Applications/APIs.
• Experience working with industry security frameworks (GLBA, CSA, CIS, FFIEC, PCI DSS, GDPR, HIPAA, NIST, etc.)
• Experience with common web stack technologies (HTTP, REST, etc.) and platforms (e.g., AngularJS, Tomcat, .Net, MS SQL, etc.)
• Experience with Continuous Integration/Continuous Deployment tools and processes
• Proven written and verbal skills to communicate security risks to various audiences, ranging from technical to non-technical.
• Experience working with line of business, 2LOD (Risk), and 3LOD (Audit) functions to drive risk reduction across the enterprise.
• Working knowledge of Application Identity and Access management (IAM) including Single Sign On, MFA, identity providers and frameworks for Applications. (FIDO, SAML, OAuth, OpenID Connect)
• MS Office skills including Visio, PowerPoint, Excel and Word and experience using these tools to build system designs and provide updates.
• The duties listed above are the essential functions, or fundamental duties within the job classification.
• The essential functions of individual positions within the classification may differ.
• Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.

Nice To Haves

• AWAE/OSWE, OSCP, CEH, GWAPT, or GPEN security certifications preferable.

Responsibilities

• Conduct application security penetration tests to identify vulnerabilities in the software design and implementation.
• Partner with application technology subject matter experts (SMEs) to effectively address risk while supporting the business.
• Influence and facilitate a culture of secure software design and development through application security awareness and best practices.
• Communicate application security concepts effectively across all organization levels.
• Review technical design documentation to ensure security related items are incorporated.
• Ability to think critically, prioritize tasks and solve problems independently or as a team member.
• The duties listed above are the essential functions, or fundamental duties within the job classification.
• The essential functions of individual positions within the classification may differ.
• Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.

Benefits

• Texas Capital provides a variety of benefits to colleagues, including health insurance coverage, wellness program, fertility and family building aids, life and disability insurance, retirement savings plans with a generous 401K match, paid leave programs, paid holidays, and paid time off (PTO).