Perform full stack security assessments across a diverse range of environments including web applications, operating systems, network infrastructure, authentication services, and public cloud platforms.
Threat model common attacker methods to develop mitigation techniques.
Develop automated processes and improve tooling to identify and solve problems at scale.
Collaborate with engineering teams to drive solutions through a secure development lifecycle.
Define and develop technical security standards with business partners.
Research new technologies, emerging threats, and vulnerabilities for strategic planning.

2-4 years of experience in a security role focused on application and network security, penetration testing, security engineering, infrastructure engineering, threat modeling, red team operations, firewall/access control technologies, risk management, or endpoint security controls.
Knowledge of common network security models and protocols, application security, methods of resolving integrity and providing confidentiality, operating systems internals and vulnerabilities, public key infrastructure and digital certificates, and exploit mitigation techniques.
Hands-on experience performing security assessments with common tools such as BurpSuite, Nexpose, Nessus, Metasploit, and Nmap.
Experience performing manual and tool-assisted code reviews (Java, JavaScript, Python, and other languages).
Experience designing solutions and/or performing security assessments in cloud environments (AWS, Azure, Google Cloud).
A related technical degree required.

Enterprise Security Engineer – Pen Testing

Key skills