Key skills
CloudJavaPythonAILeadershipPenetration Testing
About this role
Role Overview
- Leads and executes security assessments to identify, validate, and communicate security risks
- Performs manual and automated penetration testing
- Conducts additional security assessments such as Secure Code Reviews and Dynamic Application Security Testing (DAST)
- Produces clear, actionable reports for technical teams and leadership
- Partners with IT and business stakeholders to assess risk, support remediation, and improve overall security posture
- Develops detailed assessment reports and presents findings to technical teams and leadership
- Coordinates security risk reporting and collaborates with IT sub-divisions, third-party partners, and business units
- Contributes to the evolution of team processes, testing methodologies, standards, and best practices
- Maintains subject-matter expertise in common vulnerability classes and attack techniques
- Stays current on emerging threats, tools, and offensive security techniques.
Requirements
- Minimum five years related work experience
- Three years experience in IT security or application development
- Undergraduate degree in related field or equivalent combination of training and experience
- Hands-on experience performing web application, API, and network penetration testing
- Preferred experience with Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tooling
- Experience in on or more of the following a plus: cloud penetration testing, mobile penetration testing, AI red teaming
- Proficiency in at least one programming or scripting language (e.g., Python, Java)
- Preferred security certifications such as OffSec Certified Professional (OSCP), OffSec Web Assessor (OSWA), OffSec Web Expert (OSWE), GIAC Penetration Tester (GPEN), or GIAC Web Application Penetration Tester (GWAPT).
Tech Stack
- Cloud
- Java
- Python
Benefits
- Flexible working hours
- Professional development opportunities