Texas Capital is built to help businesses and their leaders. Our depth of knowledge and expertise allows us to bring the best of the big firms at a scale that works for our clients, with highly experienced bankers who truly invest in people’s success — today and tomorrow.
While we are rooted in core financial products, we are differentiated by our approach. Our bankers are seasoned financial experts who possess deep experience across a multitude of industries. Equally important, they bring commitment — investing the time and resources to understand our clients’ immediate needs, identify market opportunities and meet long-term objectives. At Texas Capital, we do more than build business success. We build long-lasting relationships.
Texas Capital provides a variety of benefits to colleagues, including health insurance coverage, wellness program, fertility and family building aids, life and disability insurance, retirement savings plans with a generous 401K match, paid leave programs, paid holidays, and paid time off (PTO).
Headquartered in Dallas with offices in Austin, Fort Worth, Houston, Richardson, Plano and San Antonio, Texas Capital was recently named Best Regional Bank in 2024 by Bankrate and was named to The Dallas Morning News’ Dallas-Fort Worth metroplex Top Workplaces 2023 and GoBankingRate’s 2023 list of Best Regional Banks. For more information about joining our team, please visit us at www.texascapitalbank.com.
Brief Overview of Position
The Web Application Pentester role is responsible for conducting application penetration tests and software security architecture reviews to identify risk throughout Texas Capital’s secure software development lifecycle. This role will serve as a subject matter expert (SME) in the areas of web application, API, and cloud security. As a senior member of the team, you will ensure the security, integrity, and confidentiality of all Texas Capital web assets. Success in this role includes the ability to work in a fast paced environment, communicate effectively across the organization, identifying and reducing risk while still meeting business needs and objectives, and a passion to teach and learn from other colleagues.
Responsibilities
- Conduct application security penetration tests to identify vulnerabilities in the software design and implementation.
- Assess emerging application security systems, standards, authentication protocols, and products to determine where they fill gaps, overlap with existing solutions, or extend capabilities.
- Provide guidance on application security architecture standards and design patterns inclusive of web, API, and cloud system integration.
- Partner with application technology subject matter experts (SMEs) to define and formalize security policies required to build, support, and consume application services.
- Influence and facilitate a culture of secure software design and development through application security awareness and best practices.
- Communicate application security concepts effectively across all organization levels.
- Review technical design documentation to ensure security related items are incorporated.
- Ability to think critically, prioritize tasks and solve problems independently or as a team member.
The duties listed above are the essential functions, or fundamental duties within the job classification. The essential functions of individual positions within the classification may differ. Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.
Qualifications
- Bachelor's Degree required or equivalent experience in Information Technology or Computer Science discipline.
- AWAE/OSWE, OSCP, CEH, GWAPT, or GPEN security certifications desired.
- 5+ years of experience conducting security assessments in a secure SDLC workflow, such as Security Architecture Analysis, Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST).
- Experience of using a variety of application security tools such as Burp Suite, GitHub Advanced Security, SQLMap, SSLyze, etc.
- Understanding of security protocols, cryptography, authentication, authorization, and security relative to Applications/APIs.
- 5+ years of experience in support, development, design, and implementation of technology solutions on large initiatives - preferably in Financial Services
- Experience working with industry security frameworks (GLBA, CSA, CIS, FFIEC, PCI DSS, GDPR, HIPAA, NIST, etc.)
- Experience building, designing, or securing software architectures including APIs and Microservice-based web services, understand API Gateway pattern and products (e.g., AWS API Gateway, MuleSoft, Software AG, etc.) and implement and access controls for users and API Integrations.
- Experience with common web stack technologies (HTTP, REST, etc.) and platforms (e.g., AngularJS, Tomcat, .Net, MS SQL, etc.)
- Experience with Continuous Integration/Continuous Deployment tools and processes
- Proven written and verbal skills to communicate security risks to various audiences, ranging from technical to non-technical.
- Experience working with line of business, 2LOD (Risk), and 3LOD (Audit) functions to drive risk reduction across the enterprise.
- Working knowledge of Application Identity and Access management (IAM) including Single Sign On, MFA, identity providers and frameworks for Applications. (FIDO, SAML, OAuth, OpenID Connect)
- MS Office skills including Visio, PowerPoint, Excel and Word and experience using these tools to build system designs and provide updates.
Expert level experience and very detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; applications session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services.
The duties listed above are the essential functions, or fundamental duties within the job classification. The essential functions of individual positions within the classification may differ. Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.Texas Capital is an Equal Opportunity Employer.
Top Skills
What We Do
Our expert bankers are committed to helping your business build and grow. Equipped with experience-based insights and a proven record of implementing custom solutions for clients, we can help you with a suite of business lending, investing and financial management services that see you through every step of the way.
Our client-centric culture thrives because we attract, develop and engage the most experienced and diverse experts in their fields. Over the years, we've developed a supportive culture that values collaboration, rewards performance and respects the well-being of its team members. We know our people are our greatest asset, so we give them the resources and support they need to be successful. Our personal approach has enabled us to deliver exceptional value for our clients for more than two decades — an achievement we’re proud to continue.
Explore a career at Texas Capital Bank: https://www.texascapitalbank.com/who-we-are/careers
Texas Capital Bank is a wholly owned subsidiary of Texas Capital Bancshares, Inc. (NASDAQ®: TCBI). For more information, please visit www.texascapitalbank.com. Member FDIC. NASDAQ®: TCBI. Equal Housing Lender.
Texas Capital Bank and its subsidiaries are equal opportunity employers and do not discriminate on the basis of any protected trait including sex, sexual orientation, gender identity, race, ethnicity, disability, or veteran status. Please view our EEO Policy to learn more: https://www.texascapitalbank.com/equal-employment-opportunity-policy
.JPG)
_2.png)
