Demo

Penetration Tester

JPMorgan Chase
York, NY Full Time
POSTED ON 6/6/2026
AVAILABLE BEFORE 8/6/2026

This position is also open in the following locations: Tampa, FL / Atlanta, FL / Plano, TX / Columbus, OH / McLean, VA / Wilmington, DE

Drive the security of critical banking applications and platforms through hands-on offensive testing.

As an Assessments & Exercises Vice President in the Cybersecurity and Technology Controls organization, you will play a key role in safeguarding the firm’s most vital assets. Your primary responsibility will be to plan, execute, and report on penetration tests targeting high-impact applications, platforms, and services. Leveraging industry-standard methodologies and advanced techniques, you will proactively identify vulnerabilities, collaborate with application owners to understand root causes, and guide effective remediation to strengthen the firm’s security posture.

We are seeking candidates with a passion for offensive security, deep technical expertise in penetration testing, and a commitment to continuous learning and excellence.

Job responsibilities

  • Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
  • Collect and validate pre-requisites for each engagement, ensuring all necessary access, documentation, and approvals are in place.
  • Perform manual and automated testing to identify vulnerabilities, misconfigurations, and security weaknesses, leveraging industry-standard tools and custom scripts.
  • Document and communicate findings through comprehensive reports that include technical details, risk assessments, and actionable remediation recommendations.
  • Conduct peer reviews of penetration test reports to ensure accuracy, consistency, and quality of deliverables.
  • Collaborate with development, infrastructure, and security teams to clarify findings, support remediation efforts, and provide subject matter expertise on offensive security.
  • Stay current with emerging threats, vulnerabilities, and attack techniques by leveraging threat intelligence, security research, and participation in relevant industry groups.
  • Contribute to the continuous improvement of penetration testing methodologies, tools, and frameworks to enhance effectiveness and alignment with firm strategy and regulatory requirements.

Required qualifications, capabilities, and skills

  • 5 years of hands-on penetration testing experience in offensive security, with a proven track record of scoping, executing, and reporting on complex engagements.
  • Expertise in manual penetration testing of web, API, cloud (AWS/Azure/GCP), infrastructure, thick-client, and/or mobile applications (android/iOS), including the use of industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, etc.).
  • Strong understanding of security assessment methodologies such as OWASP Top Ten, NIST Cybersecurity Framework, and other relevant standards.
  • Ability to identify and articulate systemic security issues related to threats, vulnerabilities, and risks, and provide clear, actionable recommendations for remediation.
  • Exceptional organizational and communication skills, including the ability to write detailed technical reports and present findings to both technical and non-technical stakeholders.
  • Experience conducting peer reviews of penetration test reports and mentoring junior testers.
  • Continuous learner who keeps up with the latest offensive security trends, tools, and techniques.

Preferred qualifications, capabilities, and skills

  • Knowledge of cybersecurity practices, operational risk management, and incident response methodologies within the US financial services sector, including relevant regulations, threats, and risks.
  • Proficiency in penetration testing and security concepts for both Windows and Unix-like operating systems.
  • Experience conducting security-focused source code reviews (e.g., Python, Java, Rust).
  • Experience in reverse engineering thick-client and mobile applications to identify vulnerabilities.
  • Relevant certifications such as OSWE, CREST (CRT, CCT), OSCP, OSCE, GXPN, GWAPT, GPEN, GMOB, or BSCP. GXPN, GWAPT, GPEN, GMOB, or BSCP

 

#CTC

Salary.com Estimation for Penetration Tester in York, NY
$109,791 to $138,414
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Penetration Tester?

Sign up to receive alerts about other jobs on the Penetration Tester career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$97,257 - $120,701
Income Estimation: 
$123,167 - $152,295
Income Estimation: 
$77,991 - $108,747
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$92,729 - $118,963
Income Estimation: 
$118,965 - $150,754
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at JPMorgan Chase

Private Bank - Global Families Group - Senior Client Service Associate
Apply
  • JPMorgan Chase Newark, DE
  • If you are a collaborative team player, solutions -oriented , and committed to delivering premier client service, J.P. Morgan is the place for you! As a Se... more
  • 5 Days Ago
Trade Lifecycle - Associate II
Apply
  • JPMorgan Chase Newark, DE
  • Embark on your journey as a Trade Lifecycle Manager II where you'll be instrumental in managing the pre- and post-trading life cycle across all asset class... more
  • 5 Days Ago
Private Client Banker - Glastonbury, CT
Apply
  • JPMorgan Chase Glastonbury, CT
  • You have a passion for taking care of our customers and employees and making them feel welcomed and valued by building lasting relationships, doing the rig... more
  • 5 Days Ago
J.P. Morgan Wealth Management – Private Client Advisor - Tigard, OR
Apply
  • JPMorgan Chase Tigard, OR
  • At J.P. Morgan Chase, we have an enthusiasm for helping our clients, taking care of our employees, building relationships, and delivering extraordinary cus... more
  • 5 Days Ago
View More Jobs at JPMorgan Chase

Not the job you're looking for? Here are some other Penetration Tester jobs in the York, NY area that may be a better fit.

Senior Penetration Tester
Apply
  • JPMorgan Chase York, NY
  • This position is also open in the following locations: Tampa, FL / Atlanta, FL / Plano, TX / Columbus, OH / McLean, VA / Wilmington, DE / Jersey City, NJ /... more
  • 4 Days Ago
Cybersecurity Penetration Testing Expert
Apply
  • Alignerr York, NY
  • Cybersecurity Penetration Testing Expert (AI Security) About The Role What if your hacking skills could directly shape how safe and secure AI systems are f... more
  • 20 Days Ago
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!