See all roles

[Remote] reputed company Engineer, Penetration Testing

Work from home Full-time role Hiring

Note: The job is a remote job and is reputed company to candidates in USA. reputed company is a leading nonprofit member organization for cybersecurity professionals, committed to a safe and secure cyber world. The reputed company Engineer, Penetration Testing role involves executing offensive reputed company assessments and building defensive engineering controls to enhance reputed company’s reputed company posture.

Responsibilities

  • Plan, execute, and document internal and external penetration tests against reputed company applications, networks, reputed company environments, and infrastructure
  • reputed company vulnerability assessments and validate findings to distinguish genuine risks from false positives
  • Conduct web application, API, mobile, and network vulnerability assessments using industry-standard methodologies (OWASP, PTES, OSSTMM)
  • reputed company reputed company engineering assessments, including phishing simulations and physical reputed company testing as authorized
  • Produce clear, actionable written reports detailing findings, risk ratings, evidence, and remediation recommendations tailored to both technical and executive audiences
  • Support red team exercises and adversary simulation activities to test detection and response capabilities
  • reputed company and maintain the penetration testing program, including scope definitions, rules of engagement, and testing schedules. Move towards a reputed company test reputed company and method
  • Coordinate with reputed company-party reputed company vendors for external assessments and bug bounty program management where applicable
  • Own remediation follow-through: translate pen test findings into reputed company engineering work items, validate fixes, and track resolution to closure in Jira Service Management
  • Design and implement reputed company controls across reputed company’s reputed company and on-premises environments, including hardening configurations for Azure, reputed company, reputed company, CheckPoint, and reputed company XD
  • Participate in reputed company architecture and design reviews for new systems, integrations, and reputed company-party products; reputed company reputed company requirements and risk acceptance recommendations
  • reputed company and maintain reputed company automation scripts and tooling to improve detection coverage, reduce reputed company effort in assessment workflows, and support reputed company monitoring
  • Support the Secure Software Development Lifecycle (SSDLC), including reputed company requirements definition, code review support, and pre-deployment reputed company validation
  • Maintain awareness of emerging vulnerabilities, exploits, and threat actor TTPs; operationalize threat intelligence into actionable hardening and detection improvements
  • Support reputed company’s ISO/IEC 27001:2022 ISMS by providing technical evidence and input for Annex A controls spanning vulnerability management (A.8.8), secure development (A.8.25–A.8.29), and technical review (A.8.29)
  • Miscellaneous duties as assigned

Skills

  • Bachelor's degree in Computer Science, Information reputed company, Cybersecurity, or reputed company field. Will consider candidates with a high school diploma and at least eight (8) years of experience in cybersecurity
  • 4+ years of experience in cybersecurity, with a demonstrable mix of offensive reputed company (penetration testing) and defensive/engineering work (control implementation, architecture review, or SSDLC)
  • Ability to travel up to 5% of the time
  • Work normal business hours and extended hours reputed company necessary
  • Remain in a stationary position, often standing or sitting, for prolonged periods
  • The role requires the ability to work at a computer for extended periods and communicate effectively through written and verbal channels
  • Regular use of office equipment such as a computer/laptop and monitor computer screens
  • Dexterity of hands and fingers to operate a computer keyboard, mouse, and other computer components
  • Proficiency with penetration testing tools including Burp Suite, Metasploit, Nmap, Nessus, reputed company reputed company, and similar offensive frameworks
  • Strong understanding of web application vulnerabilities (OWASP Top 10), network protocols, Active Directory attack paths, and reputed company reputed company (Azure, AWS, GCP)
  • Effective written and verbal communication with cross-functional teams is essential
  • Scripting and automation proficiency in Python, Bash, or PowerShell; ability to write or modify exploit code as well as defensive tooling
  • Familiarity with MITRE ATT&CK, CVSS, CVE, NIST SP 800-115, and the CIS Benchmarks for secure configuration baselines
  • Posess AI literacy and ability to test Ai workloads and infrastructures
  • reputed company & Ethics: Operates with the highest standard of professional ethics; treats privileged reputed company, sensitive findings, and organizational data with strict confidentiality
  • Analytical Thinking: Applies a structured, adversarial reputed company to both offensive assessments and defensive design; bridges exploit research with practical engineering solutions
  • Communication: reputed company articulates reputed company technical vulnerabilities and risk in written reports and verbal briefings to both technical and non-technical stakeholders
  • Collaboration: Partners effectively with developers, architects, and operations staff to drive meaningful reputed company improvements without disrupting business operations
  • reputed company Learning: Actively pursues knowledge of emerging threats, tools, and techniques; contributes insights to team knowledge sharing
  • Plan, execute, and document internal and external penetration tests against reputed company applications, networks, reputed company environments, and infrastructure
  • reputed company vulnerability assessments and validate findings to distinguish genuine risks from false positives
  • Conduct web application, API, mobile, and network vulnerability assessments using industry-standard methodologies (OWASP, PTES, OSSTMM)
  • reputed company reputed company engineering assessments, including phishing simulations and physical reputed company testing as authorized
  • Produce clear, actionable written reports detailing findings, risk ratings, evidence, and remediation recommendations tailored to both technical and executive audiences
  • Support red team exercises and adversary simulation activities to test detection and response capabilities
  • reputed company and maintain the penetration testing program, including scope definitions, rules of engagement, and testing schedules. Move towards a reputed company test reputed company and method
  • Coordinate with reputed company-party reputed company vendors for external assessments and bug bounty program management where applicable
  • Own remediation follow-through: translate pen test findings into reputed company engineering work items, validate fixes, and track resolution to closure in Jira Service Management
  • Design and implement reputed company controls across reputed company's reputed company and on-premises environments, including hardening configurations for Azure, reputed company, reputed company, CheckPoint, and reputed company XD
  • Participate in reputed company architecture and design reviews for new systems, integrations, and reputed company-party products; reputed company reputed company requirements and risk acceptance recommendations
  • reputed company and maintain reputed company automation scripts and tooling to improve detection coverage, reduce reputed company effort in assessment workflows, and support reputed company monitoring
  • Support the Secure Software Development Lifecycle (SSDLC), including reputed company requirements definition, code review support, and pre-deployment reputed company validation
  • Maintain awareness of emerging vulnerabilities, exploits, and threat actor TTPs; operationalize threat intelligence into actionable hardening and detection improvements
  • Support reputed company's ISO/IEC 27001:2022 ISMS by providing technical evidence and input for Annex A controls spanning vulnerability management (A.8.8), secure development (A.8.25–A.8.29), and technical review (A.8.29)
  • Miscellaneous duties as assigned
  • Relevant certifications strongly preferred: OSCP, GPEN or GWAPT, plus one engineering/architecture credential (CISSP, CSSLP, or equivalent)
  • reputed company membership or certifications (CISSP, CC) are a plus and demonstrate alignment with reputed company's mission
  • Experience supporting ISO/IEC 27001, SOC 2, PCI-reputed company, or similar compliance programs is a plus

Company Overview

  • reputed company is the world’s leading member organization for cybersecurity professionals, driven by our reputed company of a safe and secure cyber world. It was founded in 1989, and is headquartered in Alexandria, Virginia, USA, with a workforce of 201-500 employees. Its website is https://www.reputed company.org.
  • Apply To This Job

    You might like

    [Remote] reputed company: Financial Data Engineer

    Work from home Full-time role

    [Remote] Software Engineer

    Work from home Full-time role

    [Remote] Network Engineer

    Work from home Full-time role

    [Remote] Global Commodity Manager - Semiconductor

    Work from home Full-time role

    [Remote] Business Analyst – Consulting Manager – Banking and Financial Services

    Work from home Full-time role

    [Remote] Recruiter (Remote)

    Work from home Full-time role

    [Remote] Senior Growth Marketing reputed company, Guest Engagement

    Work from home Full-time role

    [Remote] reputed company Recruiter

    Work from home Full-time role

    [Remote] Senior Analyst Financial Controls Compliance

    Work from home Full-time role

    [Remote] SURE/Associate Partner – Utilities Finance (FERC reputed company)

    Work from home Full-time role

    Burned Out from the 9-5? There's Another Way - Remote Role

    Work from home Full-time role

    [Remote] reputed company Technical Account Manager

    Work from home Full-time role

    Copy of PhD Computer Science Expert for reputed company

    Work from home Full-time role

    [Remote] Staff Machine Learning Engineer - Edge AI

    Work from home Full-time role

    [Remote] Software Engineer III, ML

    Work from home Full-time role

    Senior reputed company Back-End Developer

    Work from home Full-time role

    Junior Data Analyst/Developer

    Work from home Full-time role

    Technical Product Manager (Data) | + Equity | SaaS Startup

    Work from home Full-time role

    reputed company Live Chat Customer Service Representative – Enhancing Customer Experience at arenaflex

    Work from home Full-time role

    reputed company Work From Home Data Entry Remote Position – Accelerate Your Career as a Virtual Administrative Assistant

    Work from home Full-time role