he Consultant works closely with other Delivery team members on engagements, assessing the security and compliance of various types of client applications and supporting infrastructure against regulatory and industry requirements and standards, as well as security best practice frameworks. The Consultant is a technically proficient individual contributor with broad and deep technical skills, meeting the objectives of their engagements, collaborating with clients, mentoring teammates, and providing subject matter expertise across one or more technical domains. The Consultant is a trusted advisor to clients, and through objective testing and results reporting, supports the client in making well-informed, risk-based decisions to improve overall security posture.
Consultants continue to deepen their skills and broaden their impact both internal to our organization, as well as the Security Community as a whole. As a member of the Threat and Vulnerability Management Team, you will be responsible for architecture review, roles and access review, driving the methodology and execution of offensive penetration testing activities.
Role & Responsibilities:
As a member of the Application Security (AppSec) Team, you will be responsible for architecture review, roles and access review, driving the methodology and execution of offensive penetration testing activities. These duties include:
Provide guidance to teammates and clients by advising on security and configuration best-practices, defense-in-depth, and secure SDLC.
Communicate with client stakeholders to include leadership, systems and network administrators, security engineers, development, and support teams.
Enhance and maintain cloud service provider technical testing methodologies and standards.
Lead and support penetration testing projects through their entirety, i.e. scoping through out-brief
Participate in internal and external security trainings and conferences
Skills & Qualifications:
* Penetration testing web applications and APIs within a cloud environment
* Experience working with Identity Access Management (IAM)
* Red team box testing
* Fully Remote
* 10% Yearly Bonus
* 401k Matching