Senior Penetration Testing Engineer

Alliant Credit Union

$92K — $144K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's Degree in Computer Science, Cybersecurity, Information Systems, or related field
  • 3+ years of experience in penetration testing or offensive security
  • Strong background in hands-on penetration testing of web applications and APIs
  • Proficiency in both manual and automated testing methods
  • Preferred industry certifications such as OSWE, OSCP, OSCE, GPEN, GWAPT, or CRTO

Responsibilities

  • Execute penetration tests on web applications and APIs, internally developed and vendor solutions
  • Conduct various testing scenarios, both authenticated and unauthenticated
  • Identify and exploit vulnerabilities, assessing risk and impact
  • Develop proof-of-concept exploits and document attack paths
  • Collaborate with development teams on remediation and validation of fixes
  • Analyze and prioritize vulnerability findings based on their business impact
  • Produce clear, actionable reports for technical and non-technical stakeholders
  • Stay updated on relevant threats and best practices for security

Benefits

  • Annual performance bonus
  • Ability to work from home up to 3 days a week
  • Paid parental leave
  • Employee discount programs
  • Generous paid time off, including personal and sick days
  • 11 paid holidays
  • Education reimbursement
Full Job Description
In this hybrid role based at our Chicago Headquarters, you will plan, execute, and report on penetration tests with a focus on web applications and web APIs across both internally developed and vendor SaaS solutions. Perform hands-on offensive security testing to identify, validate, and drive remediation of vulnerabilities in modern application and API architectures. Support targeted testing of related infrastructure, cloud services, and internal systems as needed. Work with software engineering, application security, and cyber threat mitigation teams to strengthen the organization's overall security posture.

Essential Responsibilities
  • Perform hands-on penetration testing with a primary focus on web applications and web APIs across homegrown and vendor systems, support testing of cloud, mobile, and internal systems.
  • Conduct manual and automated testing, including authenticated and unauthenticated attack scenarios.
  • Identify, exploit, and validate vulnerabilities, provide realistic assessments of risk and impact.
  • Develop proof-of-concept exploits and document attack paths when appropriate.
  • Work with development teams to guide remediation efforts, provide recommendations, review fixes, validate resolutions, and retesting.
  • Collaborate proactively with engineering through threat assessments, threat modeling, and "what-could-go-wrong" reviews before code is written.
  • Analyze and prioritize vulnerability findings based on exploitability, severity, and business impact.
  • Produce clear, actionable penetration test reports tailored for technical and non-technical audiences.
  • Present findings and trends to engineering teams, security leadership, and management.
  • Contribute to improving internal testing methodologies, tooling, and standards.
  • Stay current on emerging threats, attack techniques, and best practices relevant to modern web applications, APIs, and cloud environments.

Education & Years of Experience
  • Minimum - 4 Year Bachelors Degree in Computer Science, Cybersecurity, Information Systems or related
  • Minimum - 3 Years of Penetration testing, offensive security or related

In Lieu of Education
  • 6 Years of Penetration testing, offensive security or related

License/Certifications/Training
  • Preferred: Industry certifications such as OSWE, OSCP, OSCE, GPEN, GWAPT, CRTO, or related offensive security credentials

Compensation & Benefits:

Typical hiring range: $92,600.00 to $144,100.00 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge.

Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match including:
  • Annual performance bonus
  • Work from home up to 3 days a week
  • Paid parental leave
  • Employee discount programs
  • Time off including paid personal and sick days
  • 11 paid holidays
  • Education reimbursement

*Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment.

Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives.

The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

Similar Jobs

More Jobs at Alliant Credit Union

More Information Technology Jobs

Find similar Senior Penetration Testing Engineer jobs: