Senior Software Tester at Emerson testing the DeltaV MES platform software. Collaborating with developers and participating in agile activities.
About the role
- Senior Penetration Tester leading security assessments to defend fintech platform against fraud. Focusing on automation and scalable defenses in a fast-paced environment.
Responsibilities
- Lead penetration testing engagements focused on payment abuse, transaction manipulation, and business logic exploitation
- Design and execute automated attack simulations to test our defenses against: Carding and BIN attacks, Credential stuffing and account takeovers, Checkout and payment flow abuse, API-level enumeration and fraud
- Build custom tooling and frameworks to mimic the behavior of real-world fraudsters and cybercriminals
- Partner with fraud engineering, product security, and risk teams to identify weak points in our controls, detection systems, and architecture
- Conduct threat modeling and red teaming exercises related to payments, authentication, and user account abuse
- Document findings in technical reports with clear risk impact, exploitability, and remediation guidance
- Mentor junior testers and contribute to a culture of security innovation and continuous improvement
Requirements
- 7+ years of experience in offensive security, penetration testing, or red teaming
- Strong background in payment systems, financial fraud tactics, and transaction-level attack surfaces
- Fluency in scripting and automation (e.g., Python, JavaScript, Go, Bash) to simulate attacker workflows at scale
- Familiarity with tools like Burp Suite Pro, Selenium, Scapy, ffuf, SQLMap, Metasploit, and bot automation frameworks
- In-depth knowledge of fintech technologies (e.g., tokenized payments, card vaulting, 3DS, ACH, real-time payment APIs)
- Solid grasp of common attacker techniques: carding, fake identity generation, bypassing rate limits, evading fraud filters, and abusing web/app logic
- Strong communication skills for explaining findings to both technical and non-technical audiences
- Certifications: OSCP, OSEP, GWAPT, GPEN, GCPN, GXPN, GX-PT, CPSA/CRSA by CREST, CHECK, or TIGER
- Prior experience in a fintech, digital banking, or payment gateway environment
- Familiarity with OWASP Automated Threats, PCI DSS, MITRE ATT&CK for Financial Services, or fraud detection systems
- Experience building or testing real-time risk scoring engines and fraud defense pipelines
Benefits
- 401k with employer match
- medical
- dental
- vision
- 12 paid holidays in the year 2025
- 1 hour of sick pay accrual for every 30 hours worked
- parental leave
- life insurance
- disability insurance
- accident and illness insurance
- health and dependent care flexible spending accounts
- wellness benefits
- flexible time off for all full-time employees
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
QA Analyst handling analytical testing and quality assurance for Baldwin Richardson Foods. Supporting production compliance with food safety and quality standards in a manufacturing setting.
QA Technician ensuring stringent quality standards and regulatory compliance at Vibrant Ingredients. Conduct inspections, tests, and support continuous improvement for product reliability and customer satisfaction.
Join a leading firm as an experienced QARA Consultant focusing on diverse medical device projects. Engage with varied clients while managing regulatory reporting and compliance in a collaborative team.
Test Automation / QA Engineer responsible for ensuring high quality in mobile apps and cloud services. Working with both manual and automated testing for various workflows and integrations.
Quality Controller in automotive sector focusing on inspections and rework of components at Vollmann Group. Ensuring quality standards and compliance with technical specifications at Crimmitschau site.
Specialist Quality Engineering role focusing on Python Automation. Responsible for coordinating test efforts and enhancing automation scripts with a strong emphasis on collaboration and problem - solving.
Quality Engineer developing standards and methods for inspecting aerospace products in Camden, Arkansas. Conducting analysis on nonconformities and leading PFMEA activities.
Developing innovative IVD tests with LC - MS technology at Roche. Focused on automated methods for sample preparation and analytics.
Quality Assurance Analyst II ensuring quality in digital applications for TheIncLab. Independently plans and executes testing for assigned features, collaborating with development and product teams.