Sr. Product Penetration Tester

Remote Sr. Product Penetration Tester – Perm - $160,000 - $180,000
The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.

An American Company is seeking a Remote Sr. Product Penetration Tester

Role Description

This position is for a penetration testing Lead in the Security Center of Excellence for the Global PC and Smart Device Business Unit (PCSD). This is an exciting role that will give you the opportunity to work with Product teams around the globe to perform penetration tests on PCSD’s many products. You will be working alongside the best security teams in the industry. This role is responsible for leading pen testing for PCSD Products sold around the world. This will include scoping and planning pen tests with the development teams and then leading execution of those pen tests. You’ll report findings, produce reports and work with the development and security teams to resolve the issues you and your team members find. Other members of the security team will work with you to assess the overall security and privacy risk of the products you are testing. You’ll stay up to date with the industry’s latest techniques and tools. This role will be testing a variety of products, and you will be well versed in cloud, client, IoT and hardware penetration testing.

As a lead member of the team, you’ll be mentoring and coaching other members of your immediate team. You will be researching new penetration tools and techniques. This position will keep metrics and KPIs to track the team’s performance over time, ensuring that growth, improvements, and gaps are accurately communicated to management. You’ll work with development teams to coordinate penetration tests and ensure that products are tested within an appropriate time frame. As a team leader you will assist in communicating the priority and risk of both your own and other team members’ security findings to development teams. You will have excellent organizational and communication skills, ensuring that development teams, other security team members and management are well informed of the penetration testing team’s activities. You will ensure the team is using documented, standard, and appropriate penetration testing methodologies.

• Perform penetration tests on PCSD’s Cloud, Client, IoT and hardware products
• Work with development and security teams to find and explain security issues, suggest mitigations, and ensure they are mitigated.
• Stay up to date on the latest testing tools and techniques to ensure both you and the teams are using the most effective methods.
• Coach and mentor other members of the penetration teams.
• Ensure proper KPIs and metrics are being recorded
• Schedule penetration tests for product development teams.

Skills & Requirements

• Bachelor’s degree in a relevant field or equivalent relevant experience
• 5+ years of cybersecurity experience
• 3+ years of experience in penetration testing
• 2+ years of acting in a team lead capacity
• 2+ years of mentoring and coaching others in technical roles.

Preferred Qualifications:
• Strong written and verbal communications and interpersonal skills
• Ability to work independently as well as function as an integral part of a team, take initiative and ownership in a fast-paced environment
• Ability to successfully work across regions and functions to solve problems and get things done
• Master’s Degree or equivalent experience in a relevant field
• Experience with penetration testing and diagnostic tools such as Burp Suite, Kali Linux, tcpdump, Wireshark, nmap, fuzzing tools, code analysis tools, DAST tools, Metasploit, etc.
• Knowledge of Agile processes
• Experience working in a development environment.
• Experience building Red / Purple teams.
• SANS certifications such as GIAC Cloud Penetration Tester (GCPN), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Incident Handler (GCIH), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Reverse Engineering Malware (GREM), and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
• EC-Council certifications such as Certified Ethical Hacker (ANSI or Practical)
• Offensive Security certifications such as Offensive Security Certified Professional (OSCP), Offensive Security Experienced Penetration Tester (OSEP), Offensive Security Web Expert (OSWE), Offensive Security Exploit Developer (OSED), and Offensive Security Exploitation Expert (OSEE)
• Industry security certifications such as CISSP, Security+.

Why Hays?

You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.

Nervous about an upcoming interview? Unsure how to write a new resume?

Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.

Hays is an Equal Opportunity Employer including disability/veteran.

In accordance with applicable federal and state law protecting qualified individuals with known disabilities, Hays U.S. Corporation will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570

Drug testing may be required; please contact a recruiter for more information. #1143001


Job Type
Technology & Internet Services
160,000 - 180,000