
Senior Penetration Testing Specialist
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in United States.
• Become a member of Aprio's Risk Advisory and Assurance Services (RAAS) Team and assist clients in optimizing their potential.
• Engage in innovative projects as we broaden our focus into CMMC, FedRAMP, and PCI SSF.
• Participate in a variety of significant projects spanning multiple teams and industries.
• Enjoy unmatched professional growth through training, certifications, and practical experience with cutting-edge technologies.
• At least 5 years of experience in penetration testing or a comparable cybersecurity position, emphasizing network, cloud infrastructure, web application, and API testing.
• Proficiency in network penetration testing, including the evaluation of protocols (e.g., TCP/IP, DNS, VPN), firewalls, and intrusion detection/prevention systems.
• Practical experience with cloud security testing in platforms like AWS, Azure, or GCP, along with their cloud-native solutions.
• Comprehensive understanding of web application penetration testing, addressing OWASP Top 10 vulnerabilities (e.g., SQL injection, XSS, CSRF) and secure coding practices.
• Strong skills in API security testing, including REST, SOAP, and GraphQL, with experience in detecting issues such as broken authentication, excessive data exposure, and injection flaws.
• Familiarity with standard penetration testing tools like Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and Kali Linux.
• Experience with scripting languages (e.g., Python, Bash, PowerShell) for automating tests or creating custom exploits.
• Knowledge of secure development lifecycle (SDLC) and DevSecOps practices to embed security within CI/CD pipelines.
• Strong analytical and problem-solving abilities, with the capacity to think like an attacker and recognize intricate attack chains.
• Excellent communication skills to convey technical findings to both technical and non-technical audiences, in both verbal and written formats.
• Bonus – Certifications like OSCP, OSWE, CRTP, and others that necessitate hands-on skills application are highly advantageous.
• Medical, Dental, and Vision Insurance available from the first day of employment.
• Flexible Spending Account and Dependent Care Account options.
• 401k plan with Profit Sharing.
• Over 9 holidays and a discretionary time off structure.
• Parental Leave – coverage for both primary and secondary caregivers.
• Tuition Assistance Program and CPA support program with a cash incentive upon completion.
• Discretionary incentive compensation based on firm, group, and individual performance.
• Incentive compensation associated with the origination of new client sales.
• Highly-rated wellness program.
• Flexible working environment, including remote and hybrid work options.
BearCom
Skydio
CrowdStrike
C Cubed Capital Partners, LLC
Get handpicked remote jobs straight to your inbox weekly.