Lead and execute advanced penetration tests across web applications and APIs.
Lead and execute advanced penetration tests across cloud and hybrid infrastructure (k8, docker, etc).
Lead and execute advanced penetration tests across identity, authorization, and trust boundaries.
Lead and execute advanced penetration tests across internal and external enterprise attack surfaces.
Lead and execute advanced penetration tests across AI / ML-enabled systems (e.g., LLM-backed applications, Agentic AI).
Identify, exploit and demonstrate realistic business and risk impact.
Perform advanced penetration testing activities, including manual exploitation beyond automated tooling.
Lead penetration testing engagements end-to-end via scoping, test execution, risk assessment and prioritization, and clear reporting and remediation guidance.
Develop a deep technical understanding of systems and products to uncover systemic weaknesses, not just isolated bugs, including weaknesses introduced by AI-driven components.
Partner closely with engineering teams, security architects, AppSec teams, and detection & response teams to influence design and guardrails.

Requirements

Deep hands-on experience in penetration testing, offensive security, or application security testing.
5+ years of experience in penetration testing, offensive security, and vulnerability research.
Proven experience leading complex penetration testing engagements in production or production-like environments.
Strong understanding of application security vulnerabilities and attack chains.
Strong understanding of identity and access control failures.
Strong understanding of cloud security and hybrid environments.
Strong understanding of common defensive controls and their real-world limitations.
Strong understanding of security risks specific to AI and LLM-based systems.
Hands-on experience with manual exploitation and vulnerability chaining.
Hands-on experience with custom scripts, payloads, or proof-of-concept development.
Hands-on experience with advanced use (and limitation awareness) of automated testing tools.
Hands-on experience testing AI-powered applications and APIs.
Ability to clearly articulate exploitation mechanics and impact.
Ability to clearly articulate risk in business and engineering terms.
Ability to propose practical, prioritized remediation strategies.
Strong communication skills and experience working directly with engineers, security teams, and leadership.

Benefits

time off programs
medical, dental, vision
mental health support
paid parental leave
life and disability insurance
401(k)
employee stock purchasing program

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

penetration testingoffensive securityapplication security testingvulnerability researchmanual exploitationvulnerability chainingcustom scriptspayload developmentautomated testing toolsAI-powered applications

Soft Skills

communication skillsarticulation of exploitation mechanicsarticulation of riskproposing remediation strategiescollaboration with engineering teamscollaboration with security teamscollaboration with leadership