Cybersecurity Senior Penetration Tester

Elliott Davis•Nashville, TN

1d•Hybrid

About The Position

Elliott Davis pairs forward-thinking tax, assurance and consulting services with industry-leading workplace culture. Our nine offices — located in the fastest growing cities in the US — are built on a foundation of inclusivity, collaboration, and collective growth. We work daily to provide exceptional service to our people, customers, and our communities. Audit and assurance services are provided by Elliott Davis, LLC (doing business in NC and D.C. as Elliott Davis, PLLC), a licensed CPA firm. As a member of the Elliott Davis Digital Cyber team, you will be responsible for having an in-depth knowledge of ethical hacking techniques and countermeasures to provide a variety of cybersecurity services to our clients. Our goal is to help protect our client’s cybersecurity with the services we provide.

Requirements

A Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Systems, Computer Engineering, or a closely related technical field
4+ years of hands-on penetration testing experience, preferably in a client-facing consulting environment
Demonstrated experience performing network, web application, API, vulnerability, and cloud security assessments
One or more current penetration testing certifications (e.g., OSCP, eCPPT, GPEN, OSWE, GWAPT, eWPT, PNPT)
Strong analytical and problem-solving skills with the ability to think like an attacker and assess real-world risk
Familiarity with common security and compliance frameworks (PCI DSS, HIPAA, NIST, CIS, ISO 27001)
Ability to manage multiple engagements concurrently while maintaining high-quality client deliverables
Strong technical writing and presentation skills, with the ability to communicate effectively to both technical and non-technical audiences
Comfortable working in a collaborative team environment with peer review and shared ownership of outcomes
Willingness to support after-hours testing as required by client engagements
Patience, flexibility, and a sense of humor are a must

Responsibilities

Execute internal and external penetration tests against enterprise environments, including network, web application, API, mobile, wireless, and cloud-hosted systems, using industry‑standard commercial and open‑source tools
Perform open‑source intelligence (OSINT) reconnaissance to support attack surface mapping and social engineering simulations
Conduct wireless security assessments, including WPA2/3 testing, rogue access point detection, and segmentation validation
Perform internal configuration reviews and vulnerability assessments, identifying attack paths, privilege escalation opportunities, and systemic security weaknesses
Document findings clearly and accurately, including risk ratings, exploitation evidence, business impact, and actionable remediation guidance
Collaborate with peers through technical peer review and quality assurance processes to ensure consistency and accuracy of deliverables
Stay current with emerging vulnerabilities, attack techniques, and tooling through ongoing research and hands‑on lab work

Benefits

generous time away and paid firm holidays, including the week between Christmas and New Year’s
flexible work schedules
16 weeks of paid maternity and adoption leave, 8 weeks of paid parental leave, 4 weeks of paid and caregiver leave (once eligible)
first-class health and wellness benefits, including wellness coaching and mental health counseling
one-on-one professional coaching
Leadership and career development programs
access to Beyond: a one-of-a kind program with experiences that help you expand your life, personally and professionally

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume