Skip to content

Cybersecurity Test Engineer – Remote

  • Plan and execute red / purple team activities, including simulated attacks, application penetration testing, and risk assessments.
  • Lead and participate in threat model development
  • Evaluate and analyze identified vulnerabilities to assess risk levels and provide clients with informed recommendations on technical security measures and compliance activities.
  • Develop and Automate testing tools.
  • Identify and provide improvements on existing services, including continuous improvement of methodologies, tools and reports.
  • Ensure quality control measures are adhered to for test execution and the production of delivery artifacts.
  • Write clear and concise reports detailing findings and recommendations for remediation of identified vulnerabilities.
  • Review application and systems for compliance with applicable security standards and best practices.
  • Conduct / contribute to comprehensive risk assessments and vulnerability analyses to identify potential security threats and mitigate risks.
  • Hold a Bachelor’s degree from an accredited college in a relevant discipline, or equivalent experience.
  • Experience in a consulting/professional services role
  • Strong understanding of cybersecurity principles, technologies, and best practices, including encryption, authentication, access control, and secure coding practices.
  • Experience in Application Security and/or Software Development
  • Familiarity with software development methodologies and practices, particularly Agile and DevSecOps.
  • Experience with DevOps and/or Security Maturity Modelling (e.g. OWASP SAMM)
  • Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g. AWS, GCP, etc.).
  • Network/host-based penetration testing tradecraft and methodologies.
  • Proficiency in web application penetration testing.
  • Skilled at translating technical implementation (infrastructure as code and configuration as code)
  • Experience conducting / contributing to comprehensive risk assessments and vulnerability analyses
  • Experience testing against one or more IT security compliance frameworks, such as PCI, FISMA, HIPAA, FEDRAMP, or HITRUST
  • Assessment of security controls across modern enterprise services architecture
  • Ability to work independently and as part of a team
  • Strong technical writing skills.
  • Relevant technical certifications such as: Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP) certification.
  • US Citizenship
  • Ability to hold clearance

Additional Information:

  • Work will be conducted remotely.
  • A variety of alternate work schedules are supported

Desired Expertise: