Senior Advanced Cyber Security Architect/Engineer
Texas, United States of America
Full Time
1 hour ago
$168,140 - $210,469 USD
No Visa Sponsorship
Key skills
CloudAIMachine LearningLeadershipMentoringCommunicationOWASPPenetration Testing
About this role
Role Overview
- Design, execute, and lead end-to-end penetration tests across a wide range of environments, including web applications, APIs, cloud infrastructure, internal and external networks, and mobile applications.
- Conduct penetration testing across software-as-a-service and platform-as-a-service environments, identifying unique risks and attack surfaces specific to cloud hosted and multi-tenant platforms.
- Perform AI and machine learning application security assessments, including testing of large language model applications for vulnerabilities such as prompt injection, model inversion attacks, data poisoning, insecure output handling, and training data leakage.
- Simulate real-world adversarial attack scenarios using threat intelligence and red team methodologies.
- Conduct vulnerability assessments, threat modeling, and risk analysis across diverse technology stacks.
- Develop and maintain custom exploits, scripts, and tooling to support advanced testing scenarios.
- Perform social engineering, phishing simulations, and physical security assessments as required.
- Architect and build a comprehensive, scalable penetration testing program aligned with recognized industry frameworks, including OWASP, PTES, NIST, and MITRE ATT&CK.
- Define penetration testing standards, methodologies, playbooks, and reporting templates.
- Establish key performance indicators and metrics to measure the effectiveness and maturity of the penetration testing program.
- Serve as the primary point of contact for all internal and external penetration testing engagements.
- Collaborate with Engineering, DevSecOps, Information Technology, Risk, and Compliance teams to integrate security testing into the software development lifecycle and continuous integration and delivery pipelines.
- Manage relationships with third-party penetration testing vendors and coordinate external assessments.
- Present findings, risks, and remediation strategies to executive leadership and technical stakeholders.
- Lead, mentor, and develop a team of penetration testers at various skill levels.
- Conduct regular knowledge-sharing sessions, red team exercises, and skills development programs.
- Define career paths and growth frameworks for the penetration testing team.
- Foster a culture of continuous learning and maintain awareness of the evolving threat landscape.
- Recruit and onboard new team members as the program scales.
Requirements
- 10+ years of hands-on penetration testing experience in enterprise environments.
- Proven experience building or significantly maturing a penetration testing program.
- Extensive experience testing software-as-a-service and platform-as-a-service environments and cloud-native applications.
- Strong knowledge of OWASP, PTES, NIST 800-115, MITRE ATT&CK, and CVSS frameworks.
- Demonstrated experience leading and mentoring technical security teams.
- Strong understanding of secure coding practices and software development lifecycle integration.
- Experience writing detailed, executive-ready penetration test reports.
- Excellent written and verbal communication skills, with the ability to translate complex technical findings for non-technical audiences.
- Experience working in regulated industries, such as finance, healthcare, or technology, is preferred.
Tech Stack
- Cloud
Benefits
- employer-subsidized Medical, Dental, Vision, and Life Insurance
- Short-Term and Long-Term Disability
- 401(k) match
- Flexible Spending Accounts
- Health Savings Accounts
- EAP and Educational Assistance
- Parental Leave
- Paid Time Off (for vacation, personal business, sick time, and parental leave)
- 12 Paid Holidays