When you join one of the nation's leading banks, you can expect a career that offers you the opportunities to expand your skill set and achieve your goals. We are passionate about Lighting the Way to Financial Well-Being. Helping instill a sense of confidence in the financial circumstances of clients, communities, teammates and shareholders is at the center of everything we do.
The selected candidate will be executing penetration testing assessments within the organization. This individual should be a motivated self-starter and have a strong foundation and understanding in Information Technology and security vulnerabilities as well as be familiar with threat modeling and attack scenarios. The scope of this role includes performing security penetration testing for SunTrust applications, assets, and provide ad-hoc consultation. The candidate must be able to provide actionable recommendations and guidance for clients based on the assessment findings. This candidate should have excellent communication skills, both written and oral, and be willing to learn new security and banking technologies.
Self-Starter with willingness to learn new skills and technologies.
Strong interpersonal, verbal, and written communication skills
Experience with penetration testing processes, tools, and technologies.
Experience with multiple penetration tools, such as: Burp, OWASP ZAP, NMAP, SQLmap, Pupy, Mimikatz, Metasploit, etc.
Proficiency in at least one scripting language, such as: Python, Ruby, or Perl
Experience with network penetration testing and web application penetration testing.
Knowledge of attack method types and their usage in targeted attacks, such as malware, vulnerabilities, application vulnerabilities, lateral movement, etc.
Strong Operating System experience with Windows and Linux/Unix.
Experience creating reports with detailed penetration test findings, descriptions, reproduction steps, and mitigation recommendations.
Ability to perform extensive internal network reconnaissance with the correlation of data from SIEM, scanning applications, network monitoring devices, host applications, etc.
Experience presenting the results of penetration tests to stakeholders to include senior or executive leadership.
Bachelor’s degree and 8 years of experience in IT security or an equivalent combination of education and work experience.
Deep specialized and/or broad functional knowledge.
Sound understanding of business and organizational strategies and processes.
Ability to interpret internal and external business challenges and recommend best practices.
Ability to lead complex projects.
Sophisticated analytical skills and the ability to solve complex technical and business problems.
Ability to influence others at senior levels to adopt a new perspective.
Master’s degree or MBA and 10 years of experience or an equivalent combination of education and work experience.
Experience in a program/project leadership role.
Certifications in GPEN, CPTE, OSCP, OSCE, CISSP, CISA and CISM.
Banking or financial services experience.
Prior experience working on a penetration testing team, or other technical security assessment teams.
Prior experience working in a technical role such as network administration, coding, or engineering.
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national originTo review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf