Penetration Tester

United States - North Carolina

Information Technology (IT)

Group Functions

Your role

Do you have experience in performing penetration testing? Do you like to test complex applications and find ways around security controls? Do you have proven ability to report and to provide guidance for software teams to remediate vulnerabilities?

We’re looking for penetration testers to:

•perform manual penetration testing against web, thick-client and mobile applications and manual penetration testing against critical infrastructure (e.g. Active Directory, LDAP)
•identify and report vulnerabilities using common methodologies and have extensive knowledge of OWASP
•communicate with application teams on how to remediate certain vulnerabilities
•have knowledge of a variety of technologies and tools, such as Burp Suite, DAST, Azure cloud,
•participate in process improvements and automation
•perform technical QAs, including false-positive analysis and risk rating reviews

Job Reference #

314068BR

City

Raleigh

Job Type

Full Time

Your team

You will be part of the Application Security Testing team, which operates across multiple regions and supports the Application Security Framework. This role is essential to our Technology Services, particularly in the area of Application Security Testing.




Diversity helps us grow, together. That’s why we are committed to fostering and advancing diversity, equity, and inclusion. It strengthens our business and brings value to our clients.


Your expertise

•ideally, 3+ years of hands-on experience in vulnerability analysis and reporting
•knowledge of application security frameworks (OWASP) and experience with Burp Professional
•web application vulnerability knowledge (mechanics, exploitations, impacts, remediations) and general knowledge of commonly used web application technologies (GraphQL, REST/SOAP API, WAF, etc.)
•hands-on experience in SAST and mobile application penetration testing knowledge are a plus
•thick client application penetration testing knowledge and infrastructure penetration testing knowledge are a plus
•certifications (OSCP, CompTIA, Burp Suite Certified Practitioner)

“At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services.”

*LI-UBS
*UBS-MOGUL

About us

UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors..

We have a presence in all major financial centers in more than 50 countries.

How we hire

We may request you to complete one or more assessments during the application process. Learn more

Join us

At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.

From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we’re more than ourselves. Ready to be part of #teamUBS and make an impact?

Contact Details

UBS Business Solutions SA
UBS Recruiting

Disclaimer / Policy statements

UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.

Penetration Tester | UBS - Experienced professionals - job boards