Job Description
Are you a security enthusiast who thrives on the challenge of breaking systems to make them stronger? CyberShield Solutions is seeking a world-class Senior Penetration Tester to join our elite Red Team division.
In this pivotal role, you will lead complex assessments, exploit vulnerabilities in enterprise infrastructure, and provide actionable remediation strategies that drive our clients' security posture forward. We value innovation, autonomy, and the relentless pursuit of excellence in cybersecurity.
Why Join Us?
- Competitive compensation package ($140k - $180k base).
- Comprehensive health, dental, and vision insurance.
- Annual learning and development stipend.
- Flexible hybrid work schedule in the heart of San Francisco.
Responsibilities
- Design and execute manual and automated penetration tests against web applications, APIs, and network infrastructure.
- Lead red team engagements simulating advanced adversary tactics and techniques (TTPs).
- Write detailed, executive-level reports that clearly articulate risks and drive remediation across engineering teams.
- Develop custom exploit payloads, testing frameworks, and automation scripts using Python and Bash.
- Collaborate closely with software developers to integrate security best practices into the Software Development Life Cycle (SDLC).
- Maintain a deep understanding of emerging threats, attack methodologies, and the latest vulnerability research.
- Conduct threat modeling sessions and provide security consultation to product management.
Qualifications
- Minimum of 5 years of hands-on experience in penetration testing or offensive security roles.
- Certifications such as OSCP, CEH, CISSP, or GWAPT are highly preferred.
- Proficiency in scripting languages (Python, PowerShell, or Bash) for security automation.
- Strong understanding of network protocols (TCP/IP, HTTP/S) and web application architectures (OWASP Top 10).
- Ability to obtain and maintain a government security clearance (e.g., Secret/Top Secret).
- Excellent communication skills with the ability to explain complex technical findings to non-technical stakeholders.