Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high - quality technical support and manage IT security policies.
About the role
- Senior Penetration Tester defending fintech platform from payment fraud and cyber threats. Leading offensive security assessments to enhance fraud defenses and ensure customer trust.
Responsibilities
- Lead penetration testing engagements focused on payment abuse, transaction manipulation, and business logic exploitation.
- Design and execute automated attack simulations to test our defenses against: Carding and BIN attacks
- Credential stuffing and account takeovers
- Checkout and payment flow abuse
- API-level enumeration and fraud
- Build custom tooling and frameworks to mimic the behavior of real-world fraudsters and cybercriminals.
- Partner with fraud engineering, product security, and risk teams to identify weak points in our controls, detection systems, and architecture.
- Conduct threat modeling and red teaming exercises related to payments, authentication, and user account abuse.
- Document findings in technical reports with clear risk impact, exploitability, and remediation guidance.
- Mentor junior testers and contribute to a culture of security innovation and continuous improvement.
Requirements
- 7+ years of experience in offensive security, penetration testing, or red teaming.
- Strong background in payment systems, financial fraud tactics, and transaction-level attack surfaces.
- Fluency in scripting and automation (e.g., Python, JavaScript, Go, Bash) to simulate attacker workflows at scale.
- Familiarity with tools like Burp Suite Pro, Selenium, Scapy, ffuf, SQLMap, Metasploit, and bot automation frameworks.
- In-depth knowledge of fintech technologies (e.g., tokenized payments, card vaulting, 3DS, ACH, real-time payment APIs).
- Solid grasp of common attacker techniques: carding, fake identity generation, bypassing rate limits, evading fraud filters, and abusing web/app logic.
- Strong communication skills for explaining findings to both technical and non-technical audiences.
- Certifications: OSCP, OSEP, GWAPT, GPEN, GCPN, GXPN, GX-PT, CPSA/CRSA by CREST, CHECK, or TIGER.
- Prior experience in a fintech, digital banking, or payment gateway environment.
- Familiarity with OWASP Automated Threats, PCI DSS, MITRE ATT&CK for Financial Services, or fraud detection systems.
- Experience building or testing real-time risk scoring engines and fraud defense pipelines.
Benefits
- 401k with employer match
- medical, dental, vision
- 12 paid holidays in the year 2025
- 1 hour of sick pay accrual for every 30 hours worked
- parental leave
- life insurance
- disability insurance
- accident and illness insurance
- health and dependent care flexible spending accounts
- wellness benefits
- flexible time off for all full-time employees
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Security Officer responsible for security and safety duties in acute care settings. Providing armed presence and response, coordinating with law enforcement as required.
Security Officer overseeing sensitive information protection and compliance with regulations. Collaborating with internal teams ensure security policy implementation and risk management under EU standards.
Technical consultant addressing information security risks for USAA and guiding strategic security direction. Leading peers in assessing security strategies and educating on best practices.
Technical Recruiter for BGS managing recruitment of Cybersecurity and IT professionals. Collaborating with technical teams to identify skill requirements and enhance talent acquisition processes.
Security and Privacy SME at Dynanet Corporation responsible for data management compliance and governance guardrails. Ensuring secure data handling and adherence to federal regulations.
PAM Manager responsible for strategy, roadmap, and operations of PAM program at Intact. Leading a team to safeguard privileged identities and secrets across various environments.
Senior Cybersecurity Vulnerability Management Versatilist at Boeing. Protecting the IT ecosystem by innovating vulnerability management solutions and leading security initiatives.
Entry level Associate Security Engineer at Navy Federal securing technical infrastructure and workloads with operational capabilities and threat monitoring practices.
Machine Learning Researcher focusing on innovative AI and intelligent automation for cybersecurity. Driving research in Agentic AI and collaborating with cross - functional teams for production - grade features.