Penetration Tester

UBS • Raleigh, NC, US • 2w ago

Your role

Do you have experience in performing penetration testing? Do you like to test complex applications and find ways around security controls? Do you have proven ability to report and to provide guidance for software teams to remediate vulnerabilities?

We’re looking for a penetration tester to:

perform penetration testing against critical infrastructure (e.g. Active Directory, LDAP, DNS)
assess operating system hardening (Windows/Linux/Unix), identifying misconfigurations, privilege escalation paths, and missing baseline controls
perform penetration testing against web, thick-client and mobile applications
identify and report vulnerabilities using common methodologies & communicate with application teams on how to remediate certain vulnerabilities
participate in process improvements and automation
perform technical QAs, including false-positive analysis and risk rating reviews

Job Type

Full Time

Job Reference #

326490BR

City

Raleigh

Your team

You will be part of the Application Security Testing team, which operates across multiple regions and supports the Application Security Framework. This role is essential to our Technology Services, particularly in the area of Application Security Testing.

As a penetration tester, you will play a crucial role in identifying and reporting vulnerabilities within critical UBS applications, including key public banking platforms. You will work closely with application teams to define the scope of work and execute your tests in a responsible manner. Utilizing the latest technologies and tools, you will detect emerging vulnerabilities and risks that could potentially compromise our bank. Furthermore, you will contribute to the enhancement and automation of internal processes and perform technical quality assurance on internal tests conducted.

Your expertise

ideally, 3+ years of hands-on experience in penetration testing web, thick-client and mobile applications.
strong hands-on experience with Active Directory exploitation and post-exploitation techniques.
solid knowledge of network protocols, Windows and Linux internals, DNS, SMB, LDAP, and Kerberos.
experience with OS hardening assessment tools and frameworks (e.g., CIS Benchmarks, Lynis, Microsoft Security Baselines).
track record of explaining technical issues to application teams and assisting them in resolving issues
confident communicator that can explain technology to non-technical audiences
ability to properly document vulnerabilities and to produce penetration test report
ideally certifications in cyber security area, such as OSWE, OSCP, CompTIA Security+, Burp Suite Certified Practitioner

“At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services.”

About Us
UBS is a leading and truly global wealth manager and the leading universal bank in Switzerland. We also provide diversified asset management solutions and focused investment banking capabilities. Headquartered in Zurich, Switzerland, UBS is present in more than 50 markets around the globe.

We know that great work is never done alone. That’s why we place collaboration at the heart of everything we do. Because together, we’re more than ourselves. Want to find out more? Visit ubs.com/careers.

Join us

At UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We’re dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. And we use artificial intelligence (AI) to work smarter and more efficiently. We also recognize that great work is never done alone. That’s why collaboration is at the heart of everything we do. Because together, we’re more than ourselves.

We’re committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.

Disclaimer / Policy statements

UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.