At Jack Henry, we deliver technology solutions that are digitally transforming and empowering community banks and credit unions to provide enhanced and streamlined user experiences to their customers and members. Our best-in-class products are just the start as we lay the groundwork for the future of digital banking and payments. We hope you’ll join us. We can’t do it without you.
Jack Henry is seeking a talented individual to take the lead on vulnerability testing across our technology ecosystem. As we continue to modernize our operations in this area, this individual will play a pivotal role, working with both third party support and other team members who assist in performing penetration testing functions. There is tremendous growth potential as our vulnerability risk management strategy continues to take shape, and this individual will have the opportunity to help architect practices and grow with the team. To be successful in this role, candidates must have a strong knowledge of penetration testing as well as the organizational skills to liaise with outside testers and mentor internal testers.
This position can be based to work out of any Jack Henry office or remotely from any US location. Salary range for this position is $90-155k, depending on candidate experience and geographic location.
What you’ll be responsible for:
- Understand the security requirements of our software stack, corporate IT environment and legacy Infrastructure.
- Apply threat modeling techniques to evaluate risks and threats to our organization and our customers; Formulate security architecture recommendations.
- Simulate cyber attacks to identify system vulnerabilities.
- Develop penetration testing methodologies.
- Prepare detailed reports on the findings of penetration tests, and confirm success of remediation efforts.
- Recommend and implement improvements to security policies.
- Actively participate in systems and software design to ensure consistent implementation of security policies and procedures.
- Ensure that existing software, systems and network architecture comply with company security policies, standards, and procedures.
- Collaborate with software, systems and network engineers to ensure that Jack Henry maintains a strong information security posture.
- Provide technical guidance and expertise for internal technology teams to enhance their security practices, educate process owners on the importance of controls, and an effective control environment.
- Stay up to date on Cybersecurity trends and advances and help to update the information security strategy to leverage new technology and threat information.
- Research emerging technologies in support of security enhancement and development efforts.
- Assist in responses to external audits, penetration tests, and vulnerability assessments.
- Create regular reports for upper management based on metrics and data analysis.
- Continuously identify gaps in security program coverage.
- Develop and enhance information security documentation, such as policies, standards, and procedures.
- May perform other job duties as assigned.
What you’ll need to have:
- A minimum of 6 years of experience in cybersecurity, penetration testing, vulnerability management and remediation, application and web security, and/or ethical hacking.
- Experience with penetration testing.
- Experience performing web application exploits with tools including Burp Suite, OWASP ZAP, or similar.
- Experience working with third party information security providers, or working for a company that performs this function.
- Ability to travel up to 5% for team meetings.
What would be nice for you to have:
- Bachelor's degree, particularly in computer science or cybersecurity.
- CEH or CISSP certification, or desire to obtain one.
- Experience working in a highly regulated industry (e.g. government, defense, finance).
- Familiarity with the following regulatory and control frameworks: NIST 800 series publications, BSIMM, SAMM.
If you got this far, we hope you're feeling excited about this opportunity. Even if you don't feel you meet every single requirement on this posting, we still encourage you to apply. We're eager to meet motivated people who align with Jack Henry’s mission and can contribute to our company in a variety of ways.
Why Jack Henry?
At Jack Henry, we pride ourselves through our motto of, "Do the right thing, do whatever it takes, and have fun." We recognize the value of our associates and believe much of our company’s strength and success depends on their well-being. We demonstrate our commitment by offering outstanding benefit programs to ensure the physical, mental & financial wellbeing of our people is always met.
Culture of Commitment
Ask our associates why they love Jack Henry, and many will tell you it is because our culture is exceptional. We do great things together. Rising to meet challenges and seeking opportunities is part of who we are as an organization. Our culture has helped us stay strong through challenging times and we credit our dedicated associates for our success. Visit our Corporate Responsibility site to learn more about our culture and commitment to our people, customers, community, environment, and shareholders.
Equal Employment Opportunity
At Jack Henry, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business—and our society—stronger. Jack Henry is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law.
No one will be subject to, and Jack Henry prohibits, any form of discipline, reprisal, intimidation, or retaliation for good faith reports or complaints of incidents of discrimination of any kind, pursuing any discrimination claim, or cooperating in related investigations.
Requests for full corporate job description may be requested through the interview process at any time.