Senior Penetration Tester jobs in United States

U.S. Bank · 13 hours ago

Senior Penetration Tester

U.S. Bank is on a mission to support its customers and communities, and they are seeking a Senior Penetration Tester to enhance their information security program. In this role, you will assess the security of mobile, API, and web applications, identifying vulnerabilities and recommending mitigation strategies to combat cyber threats.

Banking, Financial Services, Insurance, Mortgage, Wealth Management
H1B Sponsor Likely

Responsibilities

Lead dynamic penetration testing against mobile, API, and web applications and information systems
Identify vulnerabilities and use manual exploitation techniques to demonstrate business impact
Deliver clear, actionable reports outlining findings, vulnerability scoring, and remediation guidance for both technical and non‑technical audiences
Continuously enhance testing methodologies by researching emerging threats, tools, and techniques
Support team initiatives such as process optimization, tool/script development, and knowledge sharing

Qualifications

Mobile Application Security, Web & API Penetration Testing, Manual Testing & Exploitation, Cloud & Platform Fluency, Technical Proficiency, Tooling & Automation, Threat Modeling & Risk Assessment, Regulatory & Compliance, Communication & Documentation, Leadership & Mentorship, Source code review, ServiceNow Application Vulnerability Response, Certifications GMOB, Certifications GWAPT, Certifications etc.

Required

Bachelor's degree in Engineering or Science, or equivalent work experience
Eight or more years of experience in information security
Two or more years of experience in IT infrastructure management
Two or more years of experience in Application architecture
Two or more years of experience in Risk management
Two or more years of experience in Data architecture
Two or more years of experience in Middleware technology
Two or more years of experience in IT operations and project management
5+ years of hands‑on experience with Android and iOS testing methodologies
Familiarity with platform‑specific risks, OWASP MASVS, and MASTG
Deep understanding of OWASP Top 10, API Security Top 10, and SANS Top 25 vulnerabilities
Advanced proficiency with Burp Suite Pro, Postman/Insomnia, and custom scripts
Skilled in identifying business logic flaws, access control issues, and chaining exploits
Experience testing in AWS, Azure, containerized environments, and Kubernetes
Familiarity with cloud‑native tools such as AWS Inspector, Azure Defender, and ScoutSuite
Strong scripting skills (Python, PowerShell, Bash, Ruby, Go)
Solid understanding of HTTP/S, OAuth, SAML, JWT, TCP/IP, DNS, firewalls, and IDS/IPS
Experience developing custom tools and scripts to automate testing workflows
Familiarity with tools such as Nmap, Metasploit, and Kali Linux
Ability to conduct threat modeling and risk assessments to prioritize testing and communicate business impact
Knowledge of PCI‑DSS, HIPAA, NIST 800‑53, ISO 27001, and FedRAMP
Excellent written and verbal communication skills
Experienced in articulating findings to technical and non‑technical audiences, including executives
Proven ability to lead engagements, manage stakeholder expectations, and mentor junior testers

Preferred

Source code review
ServiceNow Application Vulnerability Response
Knowledge of change control and security architecture
GMOB, GWAPT, OSWE, OSCP, GPEN, GXPN, or equivalent

Benefits

Healthcare (medical, dental, vision)
Basic term and optional term life insurance
Short-term and long-term disability
Pregnancy disability and parental leave
401(k) and employer-funded retirement plan
Paid vacation (from two to five weeks depending on salary grade and tenure)
Up to 11 paid holiday opportunities
Adoption assistance
Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

Company

U.S. Bank

At U.S.

H1B Sponsorship

U.S. Bank has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (20)

Funding

Current Stage
Public Company
Total Funding
$991M
Key Investors
U.S. Department of the Treasury, Mitsubishi UFJ Financial Group
2023-09-29 · Post-IPO Debt · $55M
2023-08-03 · Post-IPO Debt · $936M
1978-01-13 · IPO

Leadership Team

John C Stern
CFO
Daniel Crozier
Senior Vice President Operations
Company data provided by Crunchbase