Premium cybersecurity, compliance and privacy services for your business, because security is an essential.
Lead Penetration Tester
Location
United States
Posted
48 days ago
Salary
Not specified
Job Description
Role Description
The Lead Penetration Tester is an experienced offensive security professional who reports directly to the Director of Offensive Security. In this client-facing role, you will lead and execute penetration testing engagements for MSSP customers, serve as an escalation point for other penetration testers, and help ensure high-quality, defensible deliverables across the team.
- Lead and execute penetration tests primarily across web applications, external APIs, and networks, performing manual testing, exploitation, and validation beyond automated scanning.
- Serve as the primary escalation point for other penetration testers to unblock investigations, validate exploitation paths, and review findings for accuracy and consistency.
- Conduct scoping calls with customers, confirm rules of engagement, and manage the pentest lifecycle.
- Present findings to engineering teams and executive stakeholders, translating technical issues into remediation priorities.
- Contribute to internal offensive security tooling, playbooks, templates, and scripts.
Qualifications
- Minimum 2 years of verifiable experience as a professional penetration tester in a full-time role.
- Direct experience in pentesting web applications, external web APIs, and networks.
-
Experience in one or more of the following categories:
- Mobile Applications
- Cloud Infrastructures (AWS, Azure, GCP)
- GenAI/ML
- Desktop (Thick Client) Applications
- Vishing/Phishing
- Secure Code Reviews
- Strong exploitation and validation skills with technical abilities above verifying scan results.
- Ability to produce clear and precise penetration test reports with reproducible steps and screenshots of evidence to provide practical remediation guidance effectively with customers.
- Ability to mentor and uplift other Offensive Security team members through technical guidance, review, and structured feedback.
- Must be currently based in the United States. No sponsorship available for this position.
Benefits
- Supportive leadership and a clear growth path
- 100% of employee medical premiums are covered by the employer and discounted family insurance options
- Dental and Vision Benefits
- PTO and Sick Time + 11 paid Holidays
- 401K retirement option with company match
- Company-paid Life Insurance
- Annual Subscription to TalkSpace (online counseling & therapy service)
Job Requirements
- Minimum 2 years of verifiable experience as a professional penetration tester in a full-time role.
- Direct experience in pentesting web applications, external web APIs, and networks.
- Experience in one or more of the following categories: Mobile Applications Cloud Infrastructures (AWS, Azure, GCP) GenAI/ML Desktop (Thick Client) Applications Vishing/Phishing Secure Code Reviews
- Mobile Applications
- Cloud Infrastructures (AWS, Azure, GCP)
- GenAI/ML
- Desktop (Thick Client) Applications
- Vishing/Phishing
- Secure Code Reviews
- Strong exploitation and validation skills with technical abilities above verifying scan results.
- Ability to produce clear and precise penetration test reports with reproducible steps and screenshots of evidence to provide practical remediation guidance effectively with customers.
- Ability to mentor and uplift other Offensive Security team members through technical guidance, review, and structured feedback.
- Must be currently based in the United States. No sponsorship available for this position.
Benefits
- Supportive leadership and a clear growth path
- 100% of employee medical premiums are covered by the employer and discounted family insurance options
- Dental and Vision Benefits
- PTO and Sick Time + 11 paid Holidays
- 401K retirement option with company match
- Company-paid Life Insurance
- Annual Subscription to TalkSpace (online counseling & therapy service)
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Director of Information Technology
Core Sound ImagingCore Sound Imaging, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
The Director of Information Technology is hands on to lead and scale our IT, security, cloud, and infrastructure capabilities as we continue to grow as a SaaS health technology company. This role is critical to ensuring the reliability, security, and compliance of our platforms w...
At Hugging Face, we're on a journey to democratize good AI. We are building the fastest growing platform for AI builders with over 11 million users who collectively shared over 2M models, 700k datasets & 600k apps. Our open-source libraries...
SAP Security Consultant
Hitachi Digital ServicesHitachi Digital Services is an independent services business that focuses on delivering a unified operating model for cloud, data, IoT and managed services. Playing a pivotal role in Hitachi's digital transformation strategy, Hitachi Digital Services places a strong emphasis on Generative AI to deliver an integrated end-to-end digital transformation for enterprises. The company is strategically positioned within the Hitachi Digital portfolio of companies to leverage the synergies between operational technology (OT), information technology (IT), and product and service offerings. Such positioning allows Hitachi Digital Services to work closely with Hitachi Digital, the new Hitachi Vantara and Hitachi group businesses, including GlobalLogic, to create an integrated end-to-end digital transformation solution for enterprises
SAP Security Consultant supporting S/4HANA implementations at Hitachi Digital Services
Director of IT & Security leading IT operations and security for a growing law firm
