Penetration Tester

About The Position

Requirements

• Proven Experience: Significant experience as a Penetration Tester with a track record of testing complex environments.
• Cloud Proficiency: Hands-on experience performing cloud security assessments (AWS, GCP, or Azure) is essential.
• MacOS Expert: You are a primary MacOS user with the technical proficiency to test and secure native MacOS applications.
• Red-Teaming Mindset: A strong interest or foundational knowledge in red-teaming methodologies, focusing on post-exploitation and lateral movement.
• Technical Toolkit: Proficiency with modern penetration testing tools, methodologies, and reporting standards.
• Documentation Skills: Excellent analytical and documentation skills, with the ability to explain complex technical risks to various stakeholders.
• Communication: Effective communication skills with fluency in written and spoken English.
• Equipment: Ownership of a capable MacOS workstation for running modern security and platform-specific testing tools.
• Availability: Amenable to working during US Eastern Time zone hours.
• Certifications: Relevant certifications such as OSCP, CRTO, or cloud-specific security certs are preferred.

Nice To Haves

• Familiarity with compliance standards such as SOC 2, GDPR, or HIPAA.
• Experience working in a fast-paced technology or cybersecurity startup environment.
• Exposure to security awareness or employee training initiatives.

Responsibilities

• Conduct Advanced Penetration Tests: Perform comprehensive security assessments across cloud, network, and system environments.
• MacOS Application Testing: Execute specialized security evaluations of native MacOS applications to identify platform-specific vulnerabilities.
• Execute Red Teaming & Social Engineering: Go beyond standard assessments by simulating real-world adversary tactics and testing human security awareness through phishing and pretexting.
• Cloud Security Analysis: Evaluate and exploit vulnerabilities within AWS, GCP, or Azure environments to ensure robust cloud architecture.
• Identify and Document Vulnerabilities: Analyze findings, assess impact, and produce detailed reports with clear remediation recommendations.
• Collaborate on Remediation: Work with engineering and operations teams to validate fixes and strengthen overall system security.
• Develop Testing Tools and Methods: Create and refine scripts, tools, and methodologies to enhance testing accuracy and coverage.
• Stay Current with Threat Landscape: Continuously monitor emerging exploits, specifically focusing on MacOS-based threats and cloud-native attack vectors.

Benefits

• Career Development: Clear path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.