Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
RELX

Security Assurance Penetration Tester

RELX

Penetration Tester in information security supporting the offensive security function at Elsevier. Collaborating with teams on vulnerability assessments and promoting secure development practices.

Posted 7/9/2026full-timePittsburgh • Connecticut, Massachusetts, Pennsylvania, Virginia • 🇺🇸 United StatesMid-LevelSenior💰 $71,600 - $119,400 per yearWebsite

Tech Stack

Tools & technologies
AWSAzureCloudGoogle Cloud PlatformPython

About the role

Key responsibilities & impact
  • Tracking and triaging findings from third-party assessments, ensuring timely follow-up and remediation tracking.
  • Collaborating with development, platform, and product teams to communicate findings, track remediation efforts, and improve overall security posture.
  • Facilitating post-assessment reviews and lessons learned sessions with development teams to identify recurring security issues and promote secure development practices.
  • Maintaining program documentation, test records, and reporting artifacts.
  • Conducting penetration testing of web applications, APIs, cloud environments, and internal systems, escalating complex testing scenarios as needed.
  • Performing peer review of penetration testing deliverables, including test plans, findings, and final reports.
  • Participating in scoping exercises and contributing to the selection of appropriate testing methodologies.
  • Supporting security assessments of GenAI-powered applications and features, including LLM integrations, RAG pipelines, and AI agents.
  • Assisting in testing for AI-specific vulnerabilities such as prompt injection, jailbreaking, insecure output handling, model data leakage, and training data poisoning.
  • Contributing to the development of internal GenAI security testing checklists and methodologies, aligned with frameworks such as OWASP Top 10 for LLMs.

Requirements

What you’ll need
  • Experience in information security, penetration testing, or a related field.
  • Experience or coursework in software development, DevOps, or scripting is highly desirable.
  • At least one relevant security certification (e.g., Security+, eJPT, PNPT, CEH, or equivalent) preferred; advanced offensive security certifications such as OSCP are a plus.
  • Foundational understanding of web application architecture, networking, and operating system security.
  • Familiarity with common penetration testing tools (e.g., Burp Suite, Nmap, Metasploit, Nuclei, or equivalent).
  • Working knowledge of OWASP Top 10, common CVEs, and vulnerability scoring frameworks (CVSS).
  • Scripting ability in at least one language (Python, Bash, PowerShell, or similar); development experience is a strong plus.
  • Basic understanding of cloud environments (AWS, Azure, or GCP) and associated security considerations.
  • Exposure to SAST/DAST tools and secure code review practices is desirable.
  • Awareness of GenAI security risks (prompt injection, LLM abuse, insecure AI integrations)

Benefits

Comp & perks
  • country specific benefits
  • annual incentive bonus

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Penetration TestingScripting AbilityWeb Application ArchitectureNetworking SecurityOperating System SecurityCloud SecurityVulnerability Scoring FrameworksSecure Development PracticesAI-Specific VulnerabilitiesTest Plan Review
Soft Skills
CollaborationCommunicationFacilitation
Certifications
Security+EJPTPNPTCEHOSCP