Lead Engineer, Penetration Tester

About The Position

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or related field—or equivalent experience
• 7+ years of experience in cybersecurity, including at least 5 years focused on penetration testing or red team operations
• Strong expertise in penetration testing methodologies and web application security
• Advanced knowledge of application development, networking, and systems architecture
• Proficient with Burp Suite and other key security tools (e.g., Nmap, Nuclei, Metasploit, etc.)
• Skilled in scripting and automation using languages such as Python or Go
• Comfortable working across Mac, Windows, and Linux environments
• Strong communicator with the ability to translate complex security issues for technical and non-technical audiences
• Excellent time management and prioritization skills with the ability to meet deadlines
• Proven ability to foster collaboration, drive alignment within cross-functional teams, and demonstrate a solid understanding of how your work impacts the team and guests
• Passionate about mentorship, learning, and continuous improvement
• Demonstrated ability to stay current with evolving security threats and testing techniques

Nice To Haves

• OSCP, OSCE, OSWE, or CISSP certifications

Responsibilities

• Lead and perform penetration tests across Target-developed and third-party applications, including web, API, mobile, hardware, and scoped PCI assets
• Manage the full lifecycle of penetration testing from intake and scoping through discovery, testing, and validation of findings
• Identify, validate, and communicate security vulnerabilities across enterprise systems
• Deliver clear, actionable reports that articulate business impact and remediation guidance
• Partner with Target Tech and Security teams to explain findings, resolve issues, and improve overall security posture
• Mentor and coach team members to strengthen collective technical expertise
• Review and triage submissions from the Bug Bounty program; escalate critical findings to appropriate teams and help drive remediation
• Contribute to threat modeling activities, providing expert insights to identify and prioritize threats
• Provide technical oversight and assist in resolving complex security challenges
• Advocate for continuous improvement of penetration testing tools, processes, and automation
• Participate in on-call rotation for operational and bug bounty support

Benefits

• Comprehensive health benefits and programs (medical, vision, dental, life insurance)
• 401(k)
• Employee discount
• Short term disability
• Long term disability
• Paid sick leave
• Paid national holidays
• Paid vacation