Offensive Security Professional II A
Bank Of AmericaJob Description
Offensive Security Professional II A
Job Description:
About Us
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates’ physical, emotional, and financial wellness through affordable, competitive and flexible benefits. We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve. Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Global Business Services
Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations.
Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation.
In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services.
Process Overview*
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates global security operations center that monitor, detects and responds to cybersecurity incidents. Within GIS, the Cloud Security organization is responsible for leading a team of deeply technical cyber security engineers and architects to design and implement best in class cyber security capabilities for internal and external cloud instances in partnership with infrastructure and application technology teams. In addition, lead efforts across other Global Information Security functions to enable cyber security technology and operations in cloud environments.
Job Description*
This role is for GIS Penetration testing team to conduct penetration tests and source code reviews of our internal/external web, mobile, web, and web API service applications, leveraging both manual techniques as well as automated tools to uncover and report security vulnerabilities that exist. You must be knowledgeable with business risks associated to common security vulnerabilities and to be able to effectively communicate complex technical concepts such as security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security. You must have the ability to work independently in a very large scale, enterprise setting and collaborate with peer team members. Previous experience as an application security professional with a large Financial Institution a plus.
Requirements*
Education*: B.E. / B. Tech/M.E. /M. Tech
Certifications, If Any*: GWAPT, CEH, OSCP, SANS, CEH
Experience Range*: 10+ years
Foundational Skills*:
Strong hands-on experience in conducting comprehensive manual penetration tests and source code reviews against web, API, mobile applications, services, platforms, systems, and networks to identify security vulnerabilities.
Solid experience in using various security tools such as Invicti, SoapUI, Burp Suite Pro, Checkmarx, Kali Linux, Metasploit, etc.
Very Good Communication & Interpersonal skills.
Knowledge of network and Web related protocols/technologies.
Experience with latest penetration testing techniques (e.g., web application proxies, packet capture analysis software, browser extensions, advanced penetration testing tools (full stack), Linux distributions, Windows OS, etc.).
Experience of penetration testing on mobile platforms such as iOS, Android, and mobile device simulators.
Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Python, Perl, Shell script, Objective-C, and SOAP/REST web APIs.
Expert-level experience and knowledge in the following areas:
Authentication and security protocols.
Application session management.
Applied cryptography.
Common communication protocols.
Mobile frameworks.
Single sign-on technologies.
Development frameworks (Angular, React, etc.).
Exploit automation platforms.
Knowledge of a Structured Query Language.
Developer experience or coding background (nice-to-have).
Desired Skills*:
Experience of penetration testing and source code reviews on web, API and mobile platforms.
Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C, and SOAP/REST web APIs.
Work Timings*: 11:00 AM to 8:00 PM
Job Location*: Mumbai, Hyderabad, Chennai
Experience Level
Mid LevelJob role
Job requirements
About company
Similar jobs you can apply for
Manufacturing / ProductionEngineering Trainee
Hullect Services Private LimitedInstallation Engineer
Bharti Airtel ServicesTesting Engineer
UCAL Fuel Systems
Laptop Repair Technician
GofixField Installation Engineer
AirtelField Installation Engineer
AIRTELYou can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.
The candidate should have completed the required education and people who have 10 to 31 years are eligible to apply for this job. You can apply for more jobs in Chennai to get hired quickly.
The candidate should have sound communication skills and sound communication skills for this job.
Both Male and Female candidates can apply for this job.
No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Chennai at apna.
No work-related deposit needs to be made during your employment with the company.
Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.
The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Chennai . Through apna, you can find jobs in 64 cities across India. Join NOW!