Full Description

Description

Tyler Technologies is seeking a Penetration Tester to join the Application Security Team. The Penetration Tester position involves conducting manual application security assessments on Tyler products and systems, managing vulnerabilities, and working with development teams to triage potential vulnerabilities and remediate them. This role will integrate essential security practices into the software development lifecycle and includes partnering with various security peer teams, IT, Development, and Engineering to incorporate or enhance security measures.

To excel in this role, candidates should possess experience in complex, fast-paced technical environments, along with a passion for technology and a commitment to process-driven, collaborative problem-solving.

Responsibilities

Conduct security assessments on networks, systems, and applications using manual and automated tools Evaluate the threat, risk, and impact of potential vulnerabilities Document and report potential vulnerabilities from security assessments Coordinate with cross-functional teams to manage vulnerability tracking processes and support vulnerability remediation Collaborate with teammates to learn, regularly share skills and foster team excellence Stay current on evolving threats, trends, tools, and techniques Perform other duties as assigned by the manager

Qualifications

Bachelor’s degree in Cybersecurity, Systems Engineering, Computer Science, Information Systems Management or related field At Least two years of related job experience in IT security

Foundational understanding of the following security concepts

• Application vulnerability assessments
• Common application and operating system weaknesses
• Penetration testing methodologies
• Perimeter security (firewalls, intrusion detection, etc.)

Regulatory compliance standards: PCI-DSS, SOX, HIPAA Secure development concepts Basic programming knowledge of at least one language (e.g., C, C++, C#, Python, Java, J2EE) Strong interpersonal, verbal, and written communication skills Self-motivated with the ability to work independently and collaborate effectively in both team-based and remote environments Strong organizational skills with the ability to manage a wide range of tasks and adapt to shifting priorities Familiarity with common vulnerability databases and frameworks (e.g., OWASP Top 10, SANS Top 25, CVE, CVSS, CWE) Experience with security testing tools (e.g., BurpSuite, Kali Linux, SQLMap, Metasploit, Nmap) Currently hold or able to obtain offensive security certification(s) shortly upon hire (e.g., GWAPT, OSCP, CBBH, CPTS, GPEN, OSWA, GCPN) Experience with public-sector software products and cloud environments Demonstrated contributions to the security community (e.g., public CVEs, bug bounty acknowledgments, open-source projects, blogs, publications) Required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.