Full Job Description
Responsibilities
• Leads a team of cyber pentest professionals
• Conduct comprehensive penetration tests on various network components, applications, and systems to identify security weaknesses.
• Collaborate with cross-functional teams to simulate real-world cyberattacks and assess the organization's defenses
• Analyze findings and provide detailed reports with actionable recommendations for improving security posture
• Stay updated on the latest cybersecurity threats, trends, and technologies to ensure cutting-edge testing strategies
• Assist in developing security policies and procedures based on test results to enhance overall security frameworks
Qualifications
• Bachelor's degree in Information Security, Information Technology, Computer Science, Engineering or related field.
• Minimum 10 years of experience in an appropriate domain.
• Advanced understanding of the external threat landscape and adversary tactics & techniques.
• Advanced knowledge in network based and agent based vulnerability scanning software.
• Advanced technical understanding of CVSS, OWASP Top 10, SANS top 25, and Vulnerability Exploitability ratings.
• Advanced programming knowledge and the ability to code exploits in at least one language, including but not limited to Ruby, Python, Powershell, or BASH.
• Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.
• Advanced understanding of all phases of adversary emulation operations including reconnaissance, social engineering, exploitation, post-exploitation, covert techniques, lateral movement, and data exfiltration.
• Advanced knowledge with cloud service providers and offerings.
• Advanced understanding of vulnerabilities, common attack vectors and ability to translate the attacker mindset.
• Advanced ability to think about creative threats and attack vectors.
• Advanced documentation capabilities.
• Advanced ability to communicate results to both technical and business audiences.
• Advanced knowledge of information security best practices and technology risk management disciplines and technologies.
• Advanced knowledge of relevant regulatory requirements and laws.
• Advanced knowledge and understanding of diverse platforms and operating systems, including current and emerging technologies.
• Proven leadership experience with ability to effectively drive results, provide feedback / direction, and manage and build relationships.
• Strong ability to influence and build relationships with LOB stakeholders, technology CIO leadership, internal, and external partners.
• Advanced analytical mindset, focused on results with critical thinking, research and problem-solving, and decision-making skills.
• Advanced ability to determine, develop and communicate actionable insights to streamline processes/transactions.
• Highly self-motivated with a strong sense of initiative.
• Advanced ability to self-direct and manage competing priorities on concurrent large, complex projects, initiatives, and deliverables.
• Strong verbal, written, and interpersonal communication skills.
The duties listed above are the essential functions, or fundamental duties within the job classification. The essential functions of individual positions within the classification may differ. Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.
