Title: Sr. Penetration Tester
Alternate Locations: US All Regions (Excluding Colorado); Work from Home (Excluding Colorado)
Relocation assistance is not available for this opportunity.
Level: P4 Requisition #65878
About the Company Lincoln Financial Group, a Fortune 250 company with over 10,000 employees, provides advice and solutions that help empower Americans to take charge of their financial lives with confidence. Our core business areas — Life Insurance, Annuities, Retirement Plan Services and Group Protection — focus on supporting, preserving and enhancing over 17 million customer’s lifestyles and retirement outcomes. Headquartered in Radnor, Pennsylvania, Lincoln Financial Group is the marketing name for Lincoln National Corporation (NYSE: LNC) and its affiliates. The company had $238 billion in assets under management as of December 31, 2018. Ranked one of the Best Large Employers in America by Forbes magazine, Lincoln Financial Group makes a serious investment in our employees’ futures through a broad range of wealth accumulation and protection plans, health and wellness programs, and career development resources designed to help each individual reach their personal and professional goals. The Role This position will consult/analyze and deliver on complex IT Security assignments/projects for his/her assigned area(s) of responsibility. S/he will carry out penetration testing through various testing procedures and improve the detection capabilities of emulated attacks. S/he will exploit vulnerabilities and then use the information from the discovery to develop complex solutions that can secure the enterprise. Responsibilities
Maintains knowledge on current and emerging developments/trends for assigned area(s) of responsibility, assesses the impact, and collaborates with management to incorporate new trends and developments in current and future solutions. Performs more complex penetration testing across various environments, including web application, infrastructure and mobile platforms Improves detection based on the results of emulated attacks that test the detection and response capabilities of the security monitoring and incident response functions. Develops more complex scripts to automate checks and create custom tools. Consults with internal stakeholders to integrate defensive tactics and controls with identified threats and vulnerabilities. Creates custom proof of concept attacks to demonstrate weaknesses. Champions and enhances organizational initiatives by positively influencing and supporting change management and/or departmental/enterprise initiatives within assigned area(s) of responsibility. Serves as a resource to team members and applicable internal/external stakeholders on more complex assignments/projects for his/her assigned area(s) of responsibility. Identifies and recommends process improvements that significantly reduce workloads or improve quality for his/her assigned area(s) of responsibility. Consults/Analyze on more complex assignments and/or projects for his/her assigned area(s) of responsibility. Evaluates and communicates vulnerabilities in processes, network design and access controls. Escalates and communicates identified increasingly complex cyber security risks to management and key internal stakeholders as needed.
Education 4 Year/Bachelor’s degree or equivalent work experience (4 years of experience in lieu of Bachelor’s) – Minimum Required Experience
5 – 7+ Years’ Experience with one or more of the following technologies: IPS, DLP, content filtering, malware detection, vulnerability management. (Required) 5 – 7+ Years’ Information Security-related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration. (Required) Ability to read, analyze and interpret both internal and external documents such as general media/publications, professional journals, technical procedures, governmental regulations, policies, proposals, and standard operating procedures. OSCP Certification (Required) OSEE certification (Preferred) Confident, comfortable communicator with strong written and verbal communication skills. Ability to analyze information and to evaluate the implications of a course of action or solution. Ability to interpret and apply common sense understanding to carry out a variety of instructions furnished in written, oral, or diagram form. Ability to solve problems and deal with a variety of concrete variables in situations where only limited standardization exists. Define problems, collect data, establish facts and draw valid conclusions. Evaluate trends in data or information.
This position may be subject to Lincoln’s Political Contribution Policy. An offer of employment may be contingent upon disclosing to Lincoln the details of certain political contributions. Lincoln may decline to extend an offer or terminate employment for this role if it determines political contributions made could have an adverse impact on Lincoln’s current or future business interests, misrepresentations were made, or for failure to fully disclose applicable political contributions and or fundraising activities. Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Lincoln Financial Group are considered property of Lincoln Financial Group and are not subject to payment of agency fees. Lincoln Financial Group (“LFG”) is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, veterans status, or genetic information. Applicants are evaluated on the basis of job qualifications.