Web Application Penetration / Security Tester

Job Description

You are cordially invited to apply to be part of Northwestern Mutual’s growing Cyber Threat Management Team as a Web Application Penetration / Security Tester.


 The Challenge! 


Work with the Cyber Threat Management (CTM) Team to lead the expansion of web and mobile application security testing capabilities and services in support of Northwestern Mutual’s Information Risk Management Program. This position will partner with other CTM Team members to build and maintain the inventory of internet-facing systems, assess the high-level risk of each identified system for testing prioritization purposes, and lead web and mobile application security assessment/penetration testing engagements. Engagements will be executed using a variety of techniques including vulnerability scanning (e.g., static code scanning, dynamic application scans, infrastructure scans) and penetration testing for NM-developed and/or hosted systems.


We support you to reach your greatest career goals through continued professional development, a positive work-life balance and undeniably cool projects. Join Northwestern Mutual and discover why our diverse team has been consistently ranked as one of the leading employers and repeatedly recognized as a best place to work in the U.S.

Job Requirements

 What's Required?  


  • First and foremost, you need a great attitude and need to enjoy what you do!
  • Two to five years of hands-on experience with web/mobile application penetration/security testing focused on identifying vulnerabilities and executing security exploits in a complex enterprise environment. 
  • Proven track record of building out an ethical hacking program while demonstrating organizational savvy, tact and diplomacy.
  • Familiarity with web application assessment tools and techniques. 
  • Strong understanding of web application design principles in the areas of coding, infrastructure, middleware, etc.  
  • Firm understanding of applicable frameworks including “OWASP Top Ten” and NIST.
  • Bachelor’s degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS, or related field. 
  • Demonstrated ability to lead, coach and mentor other staff members. 
  • Strong ability to independently identify and resolve critical and complex issues through effective problem-solving skills.
  • Strong written and verbal communication skills with the ability to interpret and fully explain the programming impact of vulnerabilities as well as any recommended remediation. 


 What would set me apart?


 Desirable qualifications:

  • One or more certifications in penetration testing and/or ethical hacking (e.g., CPT, CEH, GWEB, OSCP, etc.).
  • Experience with infrastructure/network penetration testing.
  • Experience with the following security assessment suites: IBM AppScan, HP Fortify, and QualysGuard.
  • Experience with one or more scripting/programming languages such as Python, PowerShell, Bash, Perl, etc.
  • Software development experience preferred, but not required.


Job Snapshot

Employment Type: Full-Time
Job Type: Information Technology
Education: 4 Year Degree
Experience: 2 to greater than 15 years
Manages Others: No
Industry: Insurance
Required Travel: Negligible