Jobs · devitjobs

B

Penetration Testing Consultant

Solstice Analytics · Posted 15d ago

onsitemid$109000 - 204000🇺🇸 United States
Apply on devitjobs

About the role

Salary: $109000 - 204000 per year Requirements: We require at least 3 years of hands-on manual penetration testing experience, especially across web or API security. We expect a strong understanding of HTTP/S protocols, headers, cookies, sessions, and CORS behavior. We look for experience testing authentication and authorization controls, including OAuth, JWT, session weaknesses, and IDOR/BOLA. We require strong proficiency with Burp Suite Professional, OWASP ZAP, and IBM AppScan, including proxying, repeater, intruder, and extensions. We expect deep practical knowledge of the OWASP Top 10 for web and API testing, along with common vulnerability classes. We value the ability to uncover and exploit business logic issues and multi-step attack paths. We prefer candidates with at least one relevant certification, with strong preference for respected information security credentials such as OSCP, GMOB, GWAPT, or OSWE. We expect an understanding of secure coding and application architecture. We require proficiency in at least one scripting language. We expect the ability to write clear, reproducible, and technically accurate findings. We typically look for 4 to 7 years of relevant experience and a post-secondary degree in Information Security, Computer Science, Engineering, Information Systems, or a related field, or an equivalent combination of education and experience. We prefer strong familiarity with industry frameworks and standards such as NIST CSF, ISO 27001/27002, and PCI DSS. We expect experience with information security concepts, methodology, processes, procedures, and controls. We value in-depth knowledge of business analysis and project delivery practices across the project lifecycle. We require strong verbal and written communication skills, collaboration, analytical thinking, influence, and data-driven decision-making abilities. Responsibilities: We provide information security consulting services across our organization and business groups. We work with stakeholders to understand problems, opportunities, business goals, objectives, and KPIs. We explain core processes, risks, and mitigation approaches for assigned areas. We develop and promote information security best practices while staying current on industry and business trends. We lead structured discussions to plan, gather, analyze, document, communicate, and manage initiatives and issues. We act as trusted advisors to assigned business groups and help shape strategic plans. We support strategic initiatives with internal and external stakeholders. We help set business priorities and determine the right execution sequence for group strategy. We analyze data and information to identify insights, recommendations, and problem resolutions. We serve as the day-to-day contact for vendors and support implementation, maintenance, and sustainment of vendor solutions. We translate business needs into solutions and recommendations aligned to security requirements. We advise leaders on security principles, frameworks, programs, trends, legislation, and regulatory requirements. We build credibility with stakeholders and influence outcomes that improve business performance through security solutions. We track milestones and metrics, recommend corrective actions, and escalate issues when needed. We promote process improvements and methodologies while maintaining alignment with security standards. We create and present professional, concise presentations. We assess the security impact of scope changes on project benefits and risks. We support continuous improvement and root cause analysis to strengthen security capabilities. We work independently, handle non-routine situations, and apply sound judgment to solve problems within established rules. We take measured risks and make risk-informed decisions that protect the bank, its assets, and compliance obligations. Technologies: API HTTP IBM Support JWT Mobile OWASP OAuth Security Web Network More: We are Solstice Analytics Group, a purpose-driven organization focused on creating positive change for our customers, communities, and people while supporting economic growth. This role is part of our Technology organization and is based in a virtual home-based arrangement in Texas. The position offers meaningful, high-impact work protecting critical financial applications through deep manual penetration testing across web, mobile, and APIs, with ownership from scoping through remediation. We provide a competitive salaried compensation range of $88,800 to $165,600, along with benefits that may include performance-based incentives, discretionary bonuses, health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans. We also support growth through training, coaching, manager support, and networking opportunities, and we are committed to equal employment opportunity and reasonable accommodations. last updated 26 week of 2026

Read the full posting on devitjobs

FAQ

Is the Penetration Testing Consultant role at Solstice Analytics remote?+

This Penetration Testing Consultant position is listed as onsite.

What is the salary for the Penetration Testing Consultant role at Solstice Analytics?+

The listing states $109000 - 204000.

What seniority level is this Penetration Testing Consultant role?+

This is a mid level position.

How do I apply for the Penetration Testing Consultant role at Solstice Analytics?+

Use the "Apply on devitjobs" button to open the original posting on devitjobs, where you can submit your application directly to Solstice Analytics.