In this hybrid role based at our Chicago Headquarters, you will plan, execute, and report on penetration tests with a focus on web applications and web APIs across both internally developed and vendor SaaS solutions. Perform hands‑on offensive security testing to identify, validate, and drive remediation of vulnerabilities in modern application and API architectures. Support targeted testing of related infrastructure, cloud services, and internal systems as needed. Work with software engineering, application security, and cyber threat mitigation teams to strengthen the organization’s overall security posture.
Essential Responsibilities
- Perform hands-on penetration testing with a primary focus on web applications and web APIs across homegrown and vendor systems, support testing of cloud, mobile, and internal systems.
- Conduct manual and automated testing, including authenticated and unauthenticated attack scenarios.
- Identify, exploit, and validate vulnerabilities, provide realistic assessments of risk and impact.
- Develop proof‑of‑concept exploits and document attack paths when appropriate.
- Work with development teams to guide remediation efforts, provide recommendations, review fixes, validate resolutions, and retesting.
- Collaborate proactively with engineering through threat assessments, threat modeling, and “what‑could‑go‑wrong” reviews before code is written.
- Analyze and prioritize vulnerability findings based on exploitability, severity, and business impact.
- Produce clear, actionable penetration test reports tailored for technical and non‑technical audiences.
- Present findings and trends to engineering teams, security leadership, and management.
- Contribute to improving internal testing methodologies, tooling, and standards.
- Stay current on emerging threats, attack techniques, and best practices relevant to modern web applications, APIs, and cloud environments.
Education & Years of Experience
- Minimum - 4 Year Bachelors Degree in Computer Science, Cybersecurity, Information Systems or related
- Minimum - 3 Years of Penetration testing, offensive security or related
In Lieu of Education
- 6 Years of Penetration testing, offensive security or related
License/Certifications/Training
- Preferred: Industry certifications such as OSWE, OSCP, OSCE, GPEN, GWAPT, CRTO, or related offensive security credentials
Compensation & Benefits:
Typical hiring range: $92,600.00 to $144,100.00 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge.
Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match including:
- Annual performance bonus
- Work from home up to 3 days a week
- Paid parental leave
- Employee discount programs
- Time off including paid personal and sick days
- 11 paid holidays
- Education reimbursement
*Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment.
Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives.
The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.
Equal Opportunity EmployerThis employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Skills Required
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems or related (4-year)
- Minimum 3 years of penetration testing, offensive security or related experience
- In lieu of degree: 6 years of penetration testing, offensive security or related experience
- Experience performing hands-on penetration testing focused on web applications and web APIs (including authenticated and unauthenticated testing)
- Experience developing proof-of-concept exploits and documenting attack paths
- Preferred industry certifications such as OSWE, OSCP, OSCE, GPEN, GWAPT, CRTO or related offensive security credentials
Alliant Credit Union Compensation & Benefits Highlights
-
Retirement Support — Retirement benefits are described as robust, including a 401(k) plan with a 100% match on the first 5% of pay and immediate vesting through Fidelity. Feedback suggests this structure provides strong long-term savings support from day one.
-
Leave & Time Off Breadth — Paid time off is characterized as generous, with 21–31 days of PTO by tenure, 11 paid U.S. bank holidays, and dedicated volunteer time. Senior leaders may also have Flexible Time Off (unlimited), adding further flexibility at higher levels.
-
Healthcare Strength — Health coverage includes two medical plan options and dental, with company‑paid vision benefits and employer HSA contributions when a medical plan is elected. Feedback suggests the breadth of core health coverage is comprehensive for a midsize financial employer.
Alliant Credit Union Insights
What We Do
Alliant is unlike any other financial institution — a digital credit union that wows our members. We’re boldly disrupting banking norms to do good for our members, employees and communities. With 90 years of history and more than $19 billion in assets, Alliant Credit Union is the largest credit union in Illinois and one of the largest in the U.S. Our industry-leading financial products, seamless digital experiences and exceptional customer service make banking simpler for our 900,000+ members. Fully digital, fully human and full of possibility, we work to provide our members with experiences that redefine the financial industry, challenge the status quo and unleash brilliance.
Why Work With Us
Our employees enjoy a hybrid schedule, allowing for flexible remote work and purpose-driven, outcome-focused onsite opportunities. Driven by Alliant's guiding principles and values, employees across all teams build together to provide our members with industry-leading financial products, seamless digital experiences & exceptional customer service.
Gallery
Alliant Credit Union Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
Alliant offers a purpose-driven, outcome-focused hybrid workplace model.





