Job Description:

Job Title: Senior Manual Ethical Hacker
Corporate Title:  SVP
Location:  Dublin

Company Overview:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.  Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Location Overview:

Our Central Park office in Leopardstown, boasts modern facilities based in Dublin’s premium business park. With an onsite gym and staff restaurant, all your daily needs are conveniently catered for. Travel options include the LUAS network and the Central Park shuttle service between Dublin City Centre and Central Park. We also provide tax saver tickets as part of our award-winning benefits package, which means getting to work has never been so easy.

Role Description:

As an Ethical Hacker: You’ll Play a vital role in our Cybersecurity Assurance Program.  Your mission? Safeguarding our applications from potential threats. 

In this role you’ll assess our application security by conducting penetration tests.  Think of it as a digital detective work to uncover vulnerabilities.  You’ll evaluate both internal and external web, mobile, and web service applications.  Your goal? To stay ahead of malicious hackers by collaborating with our team to strengthen our defense by identifying and reporting security weaknesses.

Responsibilities:

Understanding the requirements of our applications and why/how we use them.Testing applications using a variety of tools to identify vulnerabilities that could expose the Bank to riskMonitoring existing and proposed security standard setting groupsConducting meetings to communicate the findings and implications and set realistic timescales for remediationProviding technical support to clients, management and staff throughout risk assessments and the implementation of appropriate data security procedures and productsActing as a SME, providing guidance and knowledge to reduce the vulnerabilities and risk when apps are being createdSharing knowledge with technical and non-technical colleagues through training sessionsRisk management

Join us in fortifying our digital realm and making a real impact in the world of security!

What we are looking for:

One or more of the following certifications(desirable): CISSP, CJEH, OSCP or qualified work experienceProven professional experience in Ethical Hacking or Cyber SecurityExpert level experience and very detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; applications session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services.Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, can use scripting/coding techniques, proficiently execute common penetration testing tools, triage and support incidents, and produce high-value findingsExperience in conducting web application ethical hacking assessments.Ability to demonstrate manual web application testing experience i.e. must be able to simulate a SQL inject/Cross-site script attack without the use of toolsKnowledge of network and Web related protocols/technologies (e.g. UNIX/LINUX, TCP/IP, Cookies)Experience with vulnerability assessment tools and penetration testing techniquesSolid programming/debugging skills.Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL MapAbility to learn and apply critical thinking in a variety of situations.Effective written and oral communication skillsAbility to multitask and handle multiple projects

Nice to have:

Scripting skills desirable

Benefits of working at Bank of America:
Ireland

Private healthcare for you and your family plus an annual health screen to help you manage your physical wellness with the option to purchase a screen for your partnerCompetitive pension plan, life assurance and group income protection cover if you become unable to work as a result of a disability or health reasons20 days of back-up childcare and 20 days of back-up adult care per annum The ability to change your core benefits as well as the option of selecting a variety of flexible benefits to suit your personal circumstances including access to a wellbeing account, travel insurance, critical illness etc.Access to an Employee Assistance Program for confidential support and help for everyday mattersAccess to free counselling through the Employee Assistance Program and virtual GP services through our private health care planAbility to donate to charities of your choice and the bank will match your contributionOpportunity to access our Arts & Culture corporate membership program and receive discounted entry to some of Ireland’s most iconic cultural institutions and exhibitions.Opportunity to give back to your community, develop new skills and work with new groups of people by volunteering in your local community.

Bank of America

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.