Offensive Security Specialist

DeepSeas

Offensive Security Specialist at DeepSeas conducting penetration tests and security assessments. Producing client-ready reports and collaborating with stakeholders on security findings.

Posted 6/8/2026full-timeRemote • California • 🇺🇸 United StatesMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

AWSAzureCloudDNSGoogle Cloud PlatformPythonTCP/IP

About the role

Key responsibilities & impact

Conduct internal and external network penetration tests including enumeration, exploitation, lateral movement, and post-exploitation within defined scope.
Perform web application assessments aligned to OWASP Top 10 and API security testing standards.
Conduct basic cloud security assessments (AWS, Azure, GCP) including misconfiguration identification, IAM review, and exposed services enumeration.
Support AI/LLM security assessments including prompt injection, model abuse scenarios, and OWASP LLM Top 10 coverage under senior guidance.
Produce complete, client-ready findings reports with clear technical narratives, reproduction steps, risk ratings, and remediation guidance.
Participate in client kick-off calls and debrief walkthroughs, communicating findings professionally to technical and non-technical stakeholders.
Maintain accurate engagement documentation, time tracking, and artifact organization in project management systems.
Pursue continuous development through assigned training, lab environments, and certification advancement.
May be required to travel up to 50% of the time.
Must be a US Citizen.

Requirements

What you’ll need

1–3 years of professional penetration testing or applied offensive security experience; strong candidates with equivalent demonstrated skills will be considered.
Hands-on penetration testing certification preferred. Examples include PNPT (TCM Security), OSCP (Offensive Security), CompTIA PenTest+, or eWPT/eJPT with demonstrated experience.
Proficiency with standard toolsets: Nmap, Metasploit, Burp Suite, Nessus/OpenVAS, BloodHound, or equivalents.
Solid understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, AD, VPNs) and common vulnerability classes.
Familiarity with at least one scripting language (Python, Bash, or PowerShell) for basic automation and tooling.
Exposure to cloud platforms (AWS, Azure, or GCP) and awareness of common cloud misconfiguration patterns.
Strong written communication with the ability to produce accurate, professional-quality findings documentation.

Benefits

Comp & perks

Understanding and following DeepSeas’s information security policies and procedures.
Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’s information security.
Actively participating in DeepSeas’s efforts to maintain and improve information security.
DeepSeas considers this position is as Moderate Risk with a potential to view/access/download restricted/private client/internal data.
This information must be treated with sensitivity and in the most secure manner.
HR reserves the right to perform random background/drug screens to ensure the safety of client/DeepSeas data

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

penetration testingoffensive securityweb application assessmentscloud security assessmentsnetworking fundamentalsscripting languagesvulnerability identificationrisk ratingsremediation guidanceAPI security testing

Soft Skills

communicationdocumentationclient interactionprofessionalismorganizationtime trackingteam collaborationreport writingstakeholder engagementcontinuous development

Certifications

PNPTOSCPCompTIA PenTest+eWPTeJPT