Job Overview

The Information Security team at Pennymac is seeking a skilled Penetration Tester to proactively identify and mitigate security risks across our digital landscape. You'll leverage your expertise to conduct in-depth penetration tests on web applications and AWS infrastructure, uncovering vulnerabilities and weaknesses. You'll also play a key role in driving the remediation process, collaborating and educating teams to ensure timely and effective resolution of identified security issues.

A Typical Day

• Proactive Security Assessments - Conduct comprehensive security assessments using a combination of manual and automated techniques to uncover vulnerabilities and potential attack vectors across enterprise assets.

• Actionable Remediation Guidance - Deliver clear and concise written and verbal guidance for mitigation and remediation activities, empowering teams to address security weaknesses effectively.

• Threat-Informed Vulnerability Management: Proactively identify and prioritize critical vulnerabilities, incorporating threat intelligence to assess potential exploitability and ensure remediation efforts align with the evolving threat landscape.

• Technical Consultation - Assist technical leaders in application and network design or updates, offering insights to enhance security posture.

• Vendor Oversight - Provide expert technical guidance, establish rules of engagement, and oversee third-party penetration testing services to maintain consistent security standards.

• Automation & Efficiency - Champion the adoption of automated tools for continuous security assessments, strengthening technology value streams, and optimizing efficiency.

• Cross-Functional Collaboration - Partner with teams across the organization to conduct threat modeling and security assessments for new applications and features, ensuring security is integrated from the outset.

• Be ready to tackle new challenges and opportunities as they arise

What You’ll Bring

TECHNICAL SKILLS:

• Strong grasp of AWS architecture, engineering principles, and security best practices.

• Experience in conducting vulnerability assessments, implementing remediation strategies, and driving continuous improvement.

• Deep understanding of security assessment tools and techniques, demonstrating the ability to identify and analyze vulnerabilities effectively.

• Proven ability to perform threat modeling and uncover risks that may evade automated detection tools.

• Comfortable reading and reviewing code in various languages, identifying potential security vulnerabilities and weaknesses.

• A strong understanding of ethical hacking principles and a commitment to responsible disclosure.

• Relevant certifications such as OSCP, CEH, GPEN, or others, demonstrating a commitment to professional development.

BEHAVIORAL:

• Comfortable stepping outside your comfort zone and tackling complex security challenges head-on.

• Proven ability to work independently while maintaining strong collaboration and communication with the team and management.

• Excellent written and verbal communication skills, enabling clear articulation of technical findings and recommendations to diverse audiences.

• Finds satisfaction in meticulously reviewing and documenting findings, ensuring clear communication and contributing to a shared knowledge base.

Why You Should Join

As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do.

Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported.

Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include:

• Comprehensive Medical, Dental, and Vision

• Paid Time Off Programs including vacation, holidays, illness, and parental leave

• Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations)

• Retirement benefits, life insurance, 401k match, and tuition reimbursement

• Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships

To learn more about our benefits visit: https://pennymacnews.page.link/benefits

Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below:

• Lower in range - Building skills and experience in the role

• Mid-range - Experience and skills align with proficiency in the role

• Higher in range - Experience and skills add value above typical requirements of the role

Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance.

Salary

$90,000 - $150,000

Work Model

REMOTE

Need help finding the right job?

We can recommend jobs specifically for you!

California applicants, please click here to view our Privacy Policy andclick here (https://pennymac.icims.com/icims2/servlet/icims2?module=AppInert&action=download&id=282306&hashed=1906047654) to view our Privacy Notice.

Requisition ID 24-30974

Location US-

Position Type Regular

Category Technology

Education Bachelor's Degree

Years of Experience 7

salary $90,000 - $150,000