Company Overview:

Heartland Payment Systems, Inc. (NYSE: HPY) is a payroll service provider and the 4th largest credit card processor in the United States specializing in petroleum, small to mid-sized restaurants and retail merchants. Founded by Robert O. Carr in 1997, HPS is based in Princeton, New Jersey.

Key Responsibilities

• Conduct technical and social penetration testing of Heartland Payment Systems’ networks, systems and  applications on both a planned and ad hoc basis
• Schedule, and work with project teams to determine the scope of tests to be performed 
• Establish both a technical and non-technical toolset for conducting penetration testing   
• Conduct both white box as well as black box penetration testing
• Develop methodical testing plans against both regulated and unregulated assets
• Develop mitigation plans against identified risks
• Lead project teams assigned to mitigate identified risks
• Consult with team members working on identified source code issues by conducting analysis of code and    interpreting results
• Prioritize risks identified in the penetration testing process
• Establish documentation on testing methodologies and procedures
• Baseline and maintain metrics on penetration testing
• Maintain an understanding new attack vectors, methods and technologies

Qualifications

Education/Certification:

• Bachelor’s Degree in Computer Science, Engineering, Information Systems or equivalent level of industry knowledge
• CISSP certification preferred
• CEH, or GIAC GICH and GPEN certifications preferred      

   

  Required Knowledge

  • In depth knowledge of penetration frameworks and techniques (both technical and social
  • Overall knowledge of general IT operations to include network design, operating system administration, and application development cycles
  • Knowledge of secure coding practices
  • Knowledge of code scanning tools (Fortify, AppScan or similar tools)
  • Ability to communicate with various levels of the organization in a clear and concise manner
  • Ability to manage multiple projects and priorities in a rapidly changing environment
  • Strong analytical and gap analysis skills

   

  Experience Required

  • 5+ years of information security, operational security, risk management, or internal audit experience
  • 3+ of penetration testing experience                            

                                                                                                               

  Physical Requirements and Working Conditions

   

  Physical Requirements:      

   

  Those required in a typical office environment including sitting most of the time, finger dexterity for computer and paper work, talking to convey detailed or important instructions, average hearing for normal conversations, and average visual acuity. 

   

  Working Conditions:           

   

  No hazardous or significantly unpleasant conditions

   

  In accordance with the Americans with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals.  However, no accommodations will be made which may pose serious health or safety risks to the associate or others or which impose undue hardships on the organization.