Bank of America · 19 hours ago
Manual Ethical Hacker
Chicago, IL
Full-time
Onsite
Mid, Senior Level
4+ years expBank of America is dedicated to improving financial lives through meaningful connections and responsible growth. The Manual Ethical Hacker role focuses on performing application security assessments to identify vulnerabilities and enhance the bank's cybersecurity measures. This position involves collaborating with various teams to understand security policies and report risks effectively.
Asset ManagementBankingFinanceFinancial ServicesFinTech
Responsibilities
Perform assigned analysis of internal and external threats on information systems and predict future threat behavior
Incorporate threat actors' tactics, techniques, and procedures into offensive security testing
Perform assessments of the security, effectiveness, and practicality of multiple technology systems
Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security
Prepare and present detailed technical information for various media including documents, reports, and notifications
Provide clear and practical advice regarding managed risks
Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills
Qualification
Required
Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment
Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services
SQL injection/XSS attack without the use of tools
Experience performing manual code reviews for security relevant issues
Experience working with SAST tools to identify vulnerabilities
Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings
Experience performing manual web application assessments i.e., must be able to simulate a
Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies)
Experience with vulnerability assessment tools and penetration testing techniques
Solid programming/debugging skills
Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map
Threat Analysis
Innovative Thinking
Technology Systems Assessment
Technical Documentation
Advisory
Preferred
CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar
Strong programming/scripting skills
Mobile application analysis
Frida
Binary analysis (disassembly skills)
Company
Bank of America
Bank of America is a financial institution that offers credit cards, home loans, and auto loan services.
10001+ employees
H1B Sponsorship
Bank of America has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (780)
2024 (546)
2023 (590)
2022 (759)
2021 (715)
2020 (931)
Funding
Current Stage
Public CompanyTotal Funding
$3.59BKey Investors
Berkshire Hathaway
2025-02-20Post Ipo Debt· $386.79M
2024-11-26Post Ipo Debt· $2B
2020-07-28Post Ipo Equity· $400M
Leadership Team
Charissa Messer
Senior Vice President, Creative Agency Executive (Enterprise Creative Solutions)
Rami Salem
SVP Strategic Competitive Intelligence
Recent News
2026-01-13
Company data provided by crunchbase