Senior Penetration Testing Specialist

Aprio

Join Aprio's Risk Advisory and Assurance Services as a Senior Penetration Testing Specialist. Help clients maximize opportunities and develop innovative cybersecurity solutions.

Posted 6/30/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $100,000 - $130,000 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudCyber SecurityDNSFirewallsGoogle Cloud PlatformGraphQLLinuxPythonSDLCSOAPSQLTCP/IP

About the role

Key responsibilities & impact

Join Aprio's Risk Advisory and Assurance Services (RAAS) Team team and help clients maximize their opportunities.
Contribute to cutting-edge initiatives as we expand into CMMC, FedRAMP, PCI SSF.
Work on diverse, high-impact projects across a number of teams and industries.
Access unparalleled professional development through training, certifications, and hands-on experience with emerging technologies.

Requirements

What you’ll need

Minimum of 5 years' experience in penetration testing or a related cybersecurity role, with a focus on network, cloud infrastructure, web application, and API testing.
Expertise in network penetration testing, including assessment of protocols (e.g., TCP/IP, DNS, VPN), firewalls, and intrusion detection/prevention systems.
Hands-on experience with cloud security testing in platforms such as AWS, Azure, or GCP, and their cloud native solutions.
In-depth knowledge of web application penetration testing, covering OWASP Top 10 vulnerabilities (e.g., SQL injection, XSS, CSRF) and secure coding practices.
Strong proficiency in API security testing, including REST, SOAP, and GraphQL, with experience in identifying issues like broken authentication, excessive data exposure, and injection flaws.
Familiarity with common penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and Kali Linux.
Experience with scripting languages (e.g., Python, Bash, PowerShell) for automating tests or developing custom exploits.
Understanding of secure development lifecycle (SDLC) and DevSecOps practices to integrate security into CI/CD pipelines.
Strong analytical and problem-solving skills, with the ability to think like an attacker and identify complex attack chains.
Excellent communication skills to articulate technical findings to both technical and non-technical stakeholders in verbal and written form.
Bonus – OSCP, OSWE, CRTP, and other certifications that require hands on skills application to obtain are a huge plus.

Benefits

Comp & perks

Medical, Dental, and Vision Insurance on the first day of employment
Flexible Spending Account and Dependent Care Account
401k with Profit Sharing
9+ holidays and discretionary time off structure
Parental Leave – coverage for both primary and secondary caregivers
Tuition Assistance Program and CPA support program with cash incentive upon completion
Discretionary incentive compensation based on firm, group and individual performance
Incentive compensation related to origination of new client sales
Top rated wellness program
Flexible working environment including remote and hybrid options

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Penetration TestingNetwork Penetration TestingCloud Security TestingWeb Application Penetration TestingAPI Security TestingScripting LanguagesSecure Development LifecycleDevSecOps PracticesVulnerability AssessmentTechnical Communication

Soft Skills

Analytical SkillsProblem-Solving SkillsCommunication Skills

Certifications

OSCPOSWECRTP