Senior Penetration Tester

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

This job role is responsible for providing subject matter expertise in Penetration Testing to support wider Cyber Security efforts and organization. The successful candidate will operate as part of a global/regional team within the Cybersecurity organization to provide expertise, oversight and assurance around security process, controls, standards and regulatory requirements.

What you’ll do

• Perform highly technical/analytical security assessments of custom mobile applications, widely understood infrastructure and networks, web services and APIs. 
• Work closely with the DevOps teams to ensure that the security testing requirements are met and help automate repetitive tasks.
• Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks.
• Code and demonstrate basic proof-of-concept exploits of vulnerabilities when required.
• Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports.
• Assess product release risk and complexity and identify potential misuse scenarios through review of business requirements and design specifications.
• Assist with tracking, remediation, and risk acceptance for identified security vulnerabilities.
• Assist in planning, test execution and vulnerability mitigation. 
• Run evaluations of new security testing technologies and provide recommendations.
• Monitor security industry information sources and keep abreast of events, research, and developments.
• Identify opportunities to improve our processes, quality of the work and efficiencies.

What you need to have to succeed in this role

• Be subject matter expert in at least 1 of penetration testing domains (i.e. infrastructure/apps/mobile).
• At least 5 years of prior demonstrable hands-on experience in penetration testing.
• Solid understanding of the platform security models for iOS and Android platforms.
• Excellent understanding of platform-specific security risks, common vulnerabilities for mobile applications, common risks in financial applications.
• Practical knowledge of penetration testing of widely understood infrastructure, web and mobile technologies, using manual and automated testing methods.
• Excellent TCP/IP knowledge and understanding of security implications/issues.
• Strong web application testing experience.
• Proven programming/scripting skills.
• Ability to explain security functionality from first principles.
• Ability to adapt and apply information to new scenarios and technologies.
• Strong understanding of applied use of cryptography in application development.

What we offer

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN).
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours 
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online behavioural test 
• Telephone screen 
• Interview with the hiring manager. 

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.