Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cutting-edge security efforts by conducting hands-on penetration testing and risk assessments.
- Company: Join a firm dedicated to enhancing cybersecurity and resilience in a rapidly evolving digital landscape.
- Benefits: Enjoy opportunities for continuous learning, collaboration, and professional growth in a dynamic environment.
- Why this job: Be part of a team that drives innovation and protects critical applications while making a real impact.
- Qualifications: Experience in manual penetration testing and a solid understanding of cybersecurity principles are essential.
- Other info: Ideal for tech-savvy individuals eager to excel in a fast-paced, collaborative setting.
The predicted salary is between 48000 - 84000 £ per year.
Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement.
As an Assessments & Exercises Vice President in Penetration Test, you will play a significant role in enhancing our firm’s cybersecurity and resiliency posture. You will use industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in our people, processes, and technology. As a key member of our team, you will perform hands-on penetration testing of some of our most critical applications, platforms, and the perimeter. You will collaborate with application developers to understand and mitigate vulnerabilities, and to identify opportunities for early detection in the SDLC.
We are looking for team members who are eager to learn, drive to excel, and have excellent technical knowledge of security concepts and proven expertise in penetration testing.
Job responsibilities
- Design and execute testing and simulations – such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and contribute to the development and refinement of assessment methodologies, tools, and frameworks to ensure alignment with the firm’s strategy and compliance with regulatory requirements
- Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation
- Collaborate closely with cross-functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement
- Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm’s assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics
Required qualifications, capabilities, and skills
- Experience in conducting manual penetration tests against a wide variety of applications and technologies including web, mobile and thick clients, internal and external facing infrastructures, cloud
- Foundational knowledge of cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies
- Ability to identify systemic security or resiliency issues as they relate to threats, vulnerabilities, or risks, with a focus on recommendations for enhancements or remediation, and proficiency in multiple security assessment methodologies (e.g., Open Worldwide Application Security Project (OWASP) Top Ten, National Institute of Standards and Technology (NIST) Cybersecurity Framework), offensive testing tools, or resiliency testing equivalents
- Excellent communication, collaboration, and report writing skills, with the ability to influence and engage stakeholders across various functions and levels
Preferred qualifications, capabilities, and skills
- Proficiency in security concepts for both Windows and Unix-like Operating Systems
- Experience in source code review and/or building software with multiple programming languages (i.e. Python, Java, Rust, etc.)
- Experience in reverse engineering standalone, thick client and mobile applications
- Certifications like CREST (CRT, CCT), OSCP, OSCE, GXPN, GRE
#J-18808-Ljbffr
Senior Penetration Tester employer: JPMorgan Chase
Contact Detail:
JPMorgan Chase Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Penetration Tester
✨Tip Number 1
Stay updated on the latest penetration testing tools and methodologies. Familiarize yourself with industry standards like OWASP and NIST, as these will be crucial in demonstrating your expertise during interviews.
✨Tip Number 2
Engage with the cybersecurity community by participating in forums, attending conferences, or joining local meetups. Networking can lead to valuable connections and insights that may help you stand out as a candidate.
✨Tip Number 3
Prepare for hands-on technical assessments by practicing your skills in real-world scenarios. Set up a home lab to simulate penetration tests on various applications and infrastructures to showcase your practical experience.
✨Tip Number 4
Highlight your collaboration skills by sharing examples of how you've worked with cross-functional teams in the past. Being able to communicate effectively with developers and stakeholders is key in this role.
We think you need these skills to ace Senior Penetration Tester
Some tips for your application 🫡
Understand the Role: Before applying, make sure you fully understand the responsibilities and qualifications required for the Senior Penetration Tester position. Familiarize yourself with the specific methodologies and tools mentioned in the job description.
Tailor Your CV: Customize your CV to highlight relevant experience in penetration testing, cybersecurity practices, and any specific tools or methodologies you have used. Emphasize your hands-on experience with various applications and technologies.
Craft a Strong Cover Letter: Write a compelling cover letter that showcases your passion for cybersecurity and your eagerness to contribute to the firm's security efforts. Mention specific examples of past projects or experiences that align with the job requirements.
Highlight Communication Skills: Since excellent communication and report writing skills are crucial for this role, provide examples in your application that demonstrate your ability to effectively communicate technical findings to non-technical stakeholders.
How to prepare for a job interview at JPMorgan Chase
✨Showcase Your Technical Expertise
Be prepared to discuss your hands-on experience with penetration testing across various applications and technologies. Highlight specific tools and methodologies you've used, such as OWASP Top Ten or NIST Cybersecurity Framework, to demonstrate your technical knowledge.
✨Communicate Clearly and Effectively
Since excellent communication skills are crucial for this role, practice articulating your findings and recommendations clearly. Be ready to explain complex security concepts in a way that stakeholders from different functions can understand.
✨Demonstrate Continuous Learning
Show your eagerness to learn by discussing recent trends in cybersecurity, emerging threats, and how you stay updated with industry best practices. Mention any relevant certifications or courses you are pursuing to enhance your skills.
✨Collaborate and Engage
Prepare to discuss examples of how you've collaborated with cross-functional teams in the past. Emphasize your ability to work with application developers to identify vulnerabilities and improve security measures during the software development lifecycle.
