Key skills
AWSAzureCloudGoogle Cloud PlatformGCPGoogle CloudActive DirectoryLeadershipCommunicationOWASPPenetration Testing
About this role
Role Overview
- Lead and oversee penetration testing engagements across enterprise applications, systems, networks, cloud platforms, and other in-scope environments.
- Define testing scope, methodology, and priorities based on business risk, threat intelligence, and organizational objectives.
- Validate vulnerabilities and attack paths through manual testing, proof-of-concept development, and adversary emulation techniques.
- Partner with engineering, infrastructure, and application teams to communicate findings, support remediation, and improve overall security posture.
- Lead, mentor, and develop team members to strengthen offensive security capabilities and technical depth.
- Establish and mature offensive security processes, methodologies, reporting standards, and quality controls.
- Develop metrics and reporting to communicate testing coverage, findings trends, remediation progress, and program effectiveness to leadership.
- Collaborate with cross-functional stakeholders to prioritize testing activities and support secure design and remediation efforts.
- Develop or adapt proof-of-concept exploits to validate vulnerabilities and assess potential business impact.
- Create repeatable assessment and reporting processes that support audit, compliance, and governance requirements.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience; advanced degree preferred.
- OSCP, OSEP, CRTP, CEH, CPT, CEPT, GPEN or other experienced industry standard penetration testing Certification(s) required.
- 7+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design, networking, administration, identity, or other responsibilities preferred.
- 5+ years’ experience in information security required.
- 3+ years’ experience performing penetration testing required.
- Work independently and troubleshoot technical and business process related issues.
- Develop subject matter expertise in the entire information security stack.
- Develop technical testing solutions for internal consumption.
- Ability to appropriately analyze and scope vulnerability disclosures, CVEs.
- Expertise in OWASP.
- Experience leading penetration testing programs or engagements in a large enterprise environment.
- Excellent understanding of threat vectors and containment methods
- Knowledge of Active Directory discovery, enumeration and exploit methods.
- Experience assessing cloud environments (AWS, Azure, GCP), including common misconfigurations, attack paths, and defensive controls.
- Excellent written and verbal communication skills, with the ability to present technical findings to both technical and non-technical audiences.
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
Benefits
- group health insurance benefits (medical, vision, dental)
- FSA and HSA healthcare accounts
- life and accident insurance
- adoption and fertility assistance
- paid parental leave of up to 6 weeks
- short/long term disability
- paid time off for vacation, personal needs, and sick time
- up to 17 days of Choice Time Off (CTO) per calendar year
- up to 11 paid holidays per calendar year
- opportunity to contribute to 401(k) savings and investment plan with employer match