Cyber Pentest Sr Analyst

Texas Capital is built to help businesses and their leaders. Our depth of knowledge and expertise allows us to bring the best of the big firms at a scale that works for our clients, with highly experienced bankers who truly invest in people's success - today and tomorrow.

While we are rooted in core financial products, we are differentiated by our approach. Our bankers are seasoned financial experts who possess deep experience across a multitude of industries. Equally important, they bring commitment - investing the time and resources to understand our clients' immediate needs, identify market opportunities and meet long-term objectives. At Texas Capital, we do more than build business success. We build long-lasting relationships.

Texas Capital provides a variety of benefits to colleagues, including health insurance coverage, wellness program, fertility and family building aids, life and disability insurance, retirement savings plans with a generous 401K match, paid leave programs, paid holidays, and paid time off (PTO).

Headquartered in Dallas with offices in Austin, Fort Worth, Houston, Richardson, Plano and San Antonio, Texas Capital was recently named Best Regional Bank in 2024 by Bankrate and was named to The Dallas Morning News' Dallas-Fort Worth metroplex Top Workplaces 2023 and GoBankingRate's 2023 list of Best Regional Banks. For more information about joining our team, please visit us at www.texascapitalbank.com.

The Web Application Pentester role is responsible for conducting application penetration tests to identify risk throughout Texas Capital's secure software development lifecycle. As a Sr Analyst , you will ensure the security, integrity, and confidentiality of all Texas Capital web assets. Success in this role includes the ability to work in a fast paced environment, identifying and reducing risk while still meeting business needs and objectives, and collaborate effectively with colleagues.

Responsibilities

• Conduct application security penetration tests to identify vulnerabilities in the software design and implementation.

• Partner with application technology subject matter experts (SMEs) to effectively address risk while supporting the business.

• Influence and facilitate a culture of secure software design and development through application security awareness and best practices.

• Communicate application security concepts effectively across all organization levels.

• Review technical design documentation to ensure security related items are incorporated.

• Ability to think critically, prioritize tasks and solve problems independently or as a team member.

• The duties listed above are the essential functions, or fundamental duties within the job classification. The essential functions of individual positions within the classification may differ. Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.

Qualifications

• Bachelor's degree required or equivalent experience in Information Technology or Computer Science discipline.

• AWAE/OSWE, OSCP, CEH, GWAPT, or GPEN security certifications preferable.

• 2+ years of experience conducting security assessments in a secure SDLC workflow, such as Security Architecture Analysis, Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST).

• Experience of using a variety of application security tools such as Burp Suite, GitHub Advanced Security, SQLMap, SSLyze, etc.

• Understanding of security protocols, cryptography, authentication, authorization, and security relative to Applications/APIs.

• Experience working with industry security frameworks (GLBA, CSA, CIS, FFIEC, PCI DSS, GDPR, HIPAA, NIST, etc.)

• Experience with common web stack technologies (HTTP, REST, etc.) and platforms (e.g., AngularJS, Tomcat, .Net, MS SQL, etc.)

• Experience with Continuous Integration/Continuous Deployment tools and processes

• Proven written and verbal skills to communicate security risks to various audiences, ranging from technical to non-technical.

• Experience working with line of business, 2LOD (Risk), and 3LOD (Audit) functions to drive risk reduction across the enterprise.

• Working knowledge of Application Identity and Access management (IAM) including Single Sign On, MFA, identity providers and frameworks for Applications. (FIDO, SAML, OAuth, OpenID Connect)

• MS Office skills including Visio, PowerPoint, Excel and Word and experience using these tools to build system designs and provide updates.

The duties listed above are the essential functions, or fundamental duties within the job classification. The essential functions of individual positions within the classification may differ. Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.Texas Capital is an Equal Opportunity Employer.