Pentester and Vulnerability Management

Company Description

Are you ready to trade your job for a journey? Become a FlyMate!
Passion, excitement & global collaboration are all core to what it means to be a FlyMate. At Flywire, we’re on a mission to deliver the world’s most important and complex payments. We use our Flywire Advantage - the combination of our next-gen payments platform, proprietary payment network and vertical specific software, to help our clients get paid, and help their customers pay with ease - no matter where they are in the world.

What more do we need to truly be unstoppable? Perhaps, that is you!

Who we are: 

Flywire is a global payments enablement and software company, founded a decade ago to solve high-stakes, high-value payments in education, using modern technology.

Today, we’ve digitized payments for more than 2,700 global clients across education, healthcare, travel & B2B, covering more than 240 countries and territories and supporting over 140 currencies. And, we’re just getting started!

With over 750 global FlyMates, representing more than 40 nationalities, and in 12 offices world-wide, we’re looking for FlyMates to join the next stage of our journey as we continue to grow.

Job Description

The Opportunity

We, at Flywire, are looking for a Security Penetration Tester and Vulnerability Management with a passion for tackling big problems. 

We need a Penetration Tester that can help protect the Flywire infrastructure and platform, interacting directly with stakeholders to address issues related to remediation of vulnerability scanning and assessment this role support activities are focused in both pentesting and helping key stakeholders understand their vulnerability results, providing guidance on the remediation of failing threats, and evaluating false positives.

The ideal candidate for this position will have experience with discovering security vulnerabilities and weaknesses in networks, computer systems, Cloud environments, web-based applications and API to provide remediation recommendations working closely with the teams to solve it in the best way possible for the security and usability.

Are you the type of person who tries to figure out if a system has weaknesses, and tries to exploit them? Are you curious about technology and hunting for attacker activity? Are you looking for opportunities to learn from and educate your talented peers and are genuinely excited to constructively participate? If so, then we have the perfect position for you... You will need a desire to tinker until it's reliable, robust, and secure.

Key responsibilities

• Provide infrastructure penetration testing (Internal, external and wireless).
• Web Application and API Testing.
• Review code vulnerabilities and detect if they are false positives or not.
• Purple team exercises, work with the blue team to improve the detection and alerts.
• Provide recommendations and solutions to solve the security problems that we found, working closely with the Appsec team,  developers, SRE team and IT team.
• Red team exercises to test all the security measures that we have in place in Flywire.
• Support implementing security projects.
• Support vulnerability detection and remediation across the Corporate environment including cloud, code, web applications, containers, endpoint, mobile assets, network.
• Present Vulnerability Assessment Scanning and guidance, False Positive Validation, vulnerability recasting depending on the environment, Compliance Scanning, and scan profile and policy creation.
• Follow up all vulnerability remediation efforts with the teams.
• Understand, review, and interpret assessment and scanning results, reduce false positive findings, and act as a trusted security advisor to the company.
• Assist in partnering with security and technology teams to troubleshoot, develop, select, implement and automate appropriate security solutions to keep systems and data protected from internal and external threats.
• Work with metrics to help analyze and prioritize vulnerabilities for remediation
• Track remediation work consistently in order to evidence improvements to program and closure of vulnerabilities
• Participate in the ongoing improvement of the scanning and vulnerability remediation processes

Qualifications

Here’s What We’re Looking For:

• Strong communication, analytical, and problem-solving skills
• You think like an attacker
• The ability to prioritize tasks optimally
• A proven capability in written and spoken English is important; other language skills are a plus
• A Bachelor of Science and at least 4 years’ experience in IT security or development.
• Knowledge about OWASP top 10, malware, electronic fraud, computer intrusion, identity theft, denial of services, and other potential security threats.
• Deep knowledge about external threats, application security, security principles, techniques and technologies.

At least 2 year of demonstrable experience with:

• Application, network and/or system security and vulnerability management
• Tailoring vulnerability risk ratings based on organization’s environment/external threat
• Interpreting technical reports on vulnerabilities, exploits, and malware
• Communication and reporting on risk to multiple levels across the organization
• Application and network pentesting
• vulnerability scanning tools and other security testing tools

Additional Information

What We Offer:

• Competitive compensation, including Restricted Stock Units 
• Employee Stock Purchase Plan (ESPP)
• Flying Start - Our immersive Global Induction Program (Meet our Execs & Global Teams)
• Work with brilliant people that will keep you on your toes, learn more about their journeys by checking out #InsideFlywire on social media
• Dynamic & Global Team (we have been collaborating virtually for years!)
• Wellbeing Programs (Mental Health, Wellness, Yoga/Pilates/HIIT Classes) with Global FlyMates 
• Be a meaningful part in our success - every FlyMate makes an impact
• Competitive time off including FlyBetter Days to volunteer in a cause you believe in and Digital Disconnect Days!
• Great Talent & Development Programs (Managers Taking Flight – for new or aspiring managers!)

Submit today and get started!

We are excited to get to know you! Throughout our process you can expect to meet with different FlyMates including the Hiring Manager, Peers on the team, the VP of the department, and a skills assessment. Your Talent Acquisition Partner will walk you through the steps and be your “go-to” person for any questions.

Flywire is an equal opportunity employer. With over 40 nationalities across 12 different offices, and diversity and inclusion at the core of our people agenda, we believe our FlyMates are our greatest asset, and we’re excited to watch our unique culture evolve with each new hire.