Web Application Pentester jobs in United States

Texas Capital · 1 month ago

Web Application Pentester

Texas Capital is a financial services company focused on building relationships and providing innovative solutions for businesses. The Web Application Pentester role involves conducting penetration tests and security reviews to ensure the integrity and security of web applications and APIs. The position requires collaboration with various teams to promote secure software development practices and reduce risks.

Banking, Finance, Financial Services
H1B Sponsor Likely

Responsibilities

Conduct application security penetration tests to identify vulnerabilities in the software design and implementation
Assess emerging application security systems, standards, authentication protocols, and products to determine where they fill gaps, overlap with existing solutions, or extend capabilities
Provide guidance on application security architecture standards and design patterns inclusive of web, API, and cloud system integration
Partner with application technology subject matter experts (SMEs) to define and formalize security policies required to build, support, and consume application services
Influence and facilitate a culture of secure software design and development through application security awareness and best practices
Communicate application security concepts effectively across all organization levels
Review technical design documentation to ensure security-related items are incorporated
Ability to think critically, prioritize tasks and solve problems independently or as a team member

Qualification

Application Security Testing, Security Certifications, Security Frameworks, Web Application Security, Cloud Security, API Security, Continuous Integration, Technical Communication, MS Office Skills, Problem Solving, Team Collaboration

Required

Bachelor's Degree required or equivalent experience in Information Technology or Computer Science discipline
5+ years of experience conducting security assessments in a secure SDLC workflow, such as Security Architecture Analysis, Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST)
Experience using a variety of application security tools such as Burp Suite, GitHub Advanced Security, SQLMap, SSLyze, etc.
Understanding of security protocols, cryptography, authentication, authorization, and security relative to Applications/APIs
5+ years of experience in support, development, design, and implementation of technology solutions on large initiatives - preferably in Financial Services
Experience working with industry security frameworks (GLBA, CSA, CIS, FFIEC, PCI DSS, GDPR, HIPAA, NIST, etc.)
Experience building, designing, or securing software architectures including APIs and Microservice-based web services, understand API Gateway pattern and products (e.g., AWS API Gateway, MuleSoft, Software AG, etc.) and implement and access controls for users and API Integrations
Experience with common web stack technologies (HTTP, REST, etc.) and platforms (e.g., AngularJS, Tomcat, .Net, MS SQL, etc.)
Experience with Continuous Integration/Continuous Deployment tools and processes
Proven written and verbal skills to communicate security risks to various audiences, ranging from technical to non-technical
Experience working with line of business, 2LOD (Risk), and 3LOD (Audit) functions to drive risk reduction across the enterprise
Working knowledge of Application Identity and Access Management (IAM), including Single Sign-On, MFA, identity providers, and frameworks for applications (FIDO, SAML, OAuth, OpenID Connect)
MS Office skills including Visio, PowerPoint, Excel and Word and experience using these tools to build system designs and provide updates
Expert level experience and very detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; applications session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services

Preferred

AWAE/OSWE, OSCP, CEH, GWAPT, or GPEN security certifications desired

Benefits

Health insurance coverage
Wellness program
Fertility and family building aids
Life and disability insurance
Retirement savings plans with a generous 401K match
Paid leave programs
Paid holidays
Paid time off (PTO)

Company

Texas Capital

Since our founding in 1998, Texas Capital remains impassioned by the spirit of entrepreneurship and innovation.

H1B Sponsorship

Texas Capital has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (8)
2024 (9)
2023 (11)
2022 (20)

Funding

Current Stage: Public Company
Total Funding: unknown
IPO: 2003-08-13

Leadership Team

David Oman, Chief Risk Officer (CRO)
Vivek Misra, Managing Director & Enterprise Chief Compliance Officer
Company data provided by crunchbase