Sr. Web Application Penetration Tester

Senior Security Engineer - IS07FE

We’re determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals – and to help others accomplish theirs, too. Join our team as we help shape the future.

The Hartford’s Information Protection (THIP) organization is looking for a talented individual to join a high-performing team of Application Security Engineers responsible for governing, managing and delivering our company’s application cybersecurity defenses. As a Senior Web Application Penetration Tester, you will have an opportunity to shape the direction of our company’s application penetration testing program by providing thought leadership, professional support, and valued contributions to our growing range of penetration testing activities. This role provides the right person with the opportunity to use their skills and expertise to drive meaningful improvements into the security posture of all application portfolios across our company.

RESPONSIBILITIES :

Plan and perform penetration tests on applications spanning all enterprise lines of business and portfolios

Document findings and recommend remediation strategies

Collaborate with application teams to ensure vulnerabilities are addressed effectively

Develop exploits to demonstrate the potential impact of a successful attack

Participate in broader attack simulation activities assessing systems including infrastructure, network, cloud, and IoT services

Stay up to date with the latest technologies, testing methodologies, tools, security trends and threats

This role will have a Hybrid work schedule, with the expectation of working in an office location (Hartford, CT or Charlotte, NC) 3 days a week (Tuesday through Thursday).

QUALIFICATIONS :

Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include :

5 years’ experience assessing vulnerabilities across a large enterprise application portfolio

3 years’ experience performing application penetration testing to cover a broad range of enterprise web and mobile applications

Strong understanding of web and mobile architectures and technologies including Single Page Applications (SPA), Multi-Page Applications (MPA), APIs, OAuth 2.0, JavaScript, Java and .NET frameworks

Comprehensive knowledge of web and mobile application security vulnerabilities including OWASP Web Application, API and Mobile Top 10 lists

Ability to effectively extend testing scope to include infrastructure, network, cloud and IoT services

Strong reporting and communication skills

Strong commitment to legal and ethical standards and behaviors

Bachelor's degree from an accredited college or university in computer science, information security, or related field

Certifications such as Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP) or Offensive Security Web Expert (OSWE) are highly desirable and preferred

Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.

Compensation

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford’s total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is :

127,200 - $190,800

Equal Opportunity Employer / Females / Minorities / Veterans / Disability / Sexual Orientation / Gender Identity or Expression / Religion / Age

About Us () | Culture & Employee Insights () | Diversity, Equity and Inclusion () | Benefits ()

Human achievement is at the heart of what we do.

We believe that with the right encouragement and support, people are capable of achieving amazing things.

We put our belief into action by ensuring individuals and businesses are well protected, and by going even further – making an impact in ways that go beyond an insurance policy.

Nearly 19,000 employees use their unique talents in careers that span a variety of disciplines – from developing the latest technology to creating and promoting our products to evaluating future financial risks.

We’re also committed to programs that drive education and support volunteerism, which put human beings first. We do it because it’s the right thing to do, and because when our customers, communities and employees succeed, we all do.

About Us ()

Culture & Employee Insights ()

Diversity, Equity and Inclusion ()

Benefits ()

Legal Notice ()

Accessibility StatementProducer Compensation ()

Privacy Policy ()

California Privacy Policy

Your California Privacy Choices ()

International Privacy Policy

Canadian Privacy Policy ()

Unincorporated Areas of LA County, CA (Applicant Information)

Salary : $127,200 - $190,800