Guildford, Surrey, United Kingdom Hybrid / WFH Options
Deloitte LLP
and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM, Pen Testing) and provide oversight and assurance of cybersecurity controls in development and deployment all the way through the system go-live. Hold great working relationships with the Security Architecture team
are looking for Network Security Engineers who are familiar with both network defense and offensive techniques to support ongoing operations and secure our customers' networks. You will be assisting Penetration Testers with analysis of edge network devices to include vulnerability analysis and exploitation. We are looking for Network Security Engineers with a blend of network infrastructure management and familiarity … with network penetration testing and offensive security. Candidates should have a minimum of 7+ years of experience as a Network Engineer, System Engineer or in the Cyber Security field as a hands-on penetration tester. Candidates with fewer years of experience will be considered on a case-by-case basis, depending on technical skill level. JOB SUMMARY … We are looking for Network Security Engineers to work on covert and secure networks. Prior penetration testing experience is not required but is a plus. This is a great position to transition from more traditional network engineering and network defense into the penetration testing field. This position will allow you to expand both your offensive and
educating DevOps teams in security best practices Conduct/Lead threat modelling and security design activities alongside Dev/Engineering Teams Work with 3rd parties to support vulnerability and penetration testing Process reports from external penetration testing vendors and coordinate feedback with teams to ensure actions are followed to mitigate identified risks Skills: Software engineering background … Security Frameworks e.g. OWASP SAMM/DSOMM etc Hands-on knowledge of information security processes such as security design review, threat modelling, OWASP Top 10, risk analysis, and software testing techniques Strong understanding of application security awareness, including the security of web applications Experience with risk management activities - identifying, assessing and providing remediation options for application and technology risks
tested and transitioned to production environments while maintaining compliance with cybersecurity standards and regulations. Collaborate with cross-functional teams, including security architects, engineers, and operations personnel, to oversee integration, testing, and transition plans. Responsible for developing test strategies, performing rigorous security evaluations, and managing the smooth deployment of cybersecurity solutions into live environments. Responsible for conducting analysis of transition … maintain detailed integration plans, including timelines, milestones, and risk assessments to ensure successful deployments. Develop and implement comprehensive cybersecurity test plans that evaluate system security, functionality, and performance. Conduct penetration testing, vulnerability assessments, and security audits to validate security posture and identify gaps. Perform rigorous user acceptance testing and system integration testing to ensure that security … controls and technologies operate as intended. Utilize automated testing tools to assess the effectiveness of security configurations and policies. Collaborate with DevSecOps teams to integrate security testing into CI/CD pipelines, ensuring secure application deployment. Manage the transition of cybersecurity solutions from development and test environments to production, ensuring minimal impact on business operations. Develop and implement
centric capabilities and network assets. Secure development environments by applying application security architecture principles and best practices. Conduct security evaluations of software and systems, including web application vulnerability assessments, penetration testing, fuzzing, and malware analysis. Contribute to the resilience of critical missions by mitigating vulnerabilities and reducing exposure to cyber exploits. Collaborate with cross-functional teams to embed … analysis, reverse engineering, and code execution manipulation techniques. Experience in defensive security engineering, including data protection, network defense, and incident response. Demonstrated ability to conduct web application vulnerability assessments, penetration testing, fuzzing, and software security evaluations. Ability to work independently on complex projects with significant impact, and to coach junior technical staff. Strong communication skills for collaboration with
security policies. Ensure security integration into the Software Development Lifecycle (SSDLC) by collaborating with product owners to implement security best practices. Lead and follow up on non-functional security testing (code scanning, penetration testing, threat modelling) and the yearly security auditing campaign, ensuring follow-up as part of the risk management process. Manage the related security risks … in the context of our software development and coordination activities, work with product owners and software development teams on managing identified risks. Provide security expertise to testing teams to enhance security coverage in functional test cases. Organise and perform security trainings for the teams. Support the architecture design activities with security related knowledge. Act as the single point of
System Security Professional Certification (CISSP) or Security X (previously known as the CASP+) Certification required Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience using Customer tools. Must have experience applying Risk Management Framework. Must have experience formulating and assessing IT security policy. Must have demonstrated knowledge of and experience with common … infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development. Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response. Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls … that encompass the development, design, and implementation. Experience with penetration testing tools. Experience with scripting languages. $200,000 - $250,000 a year The pay range for this job, with multi-levels, is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities
proactively identify risks to critical mission systems. Design and implement defensive cyber security solutions to protect data, networks, and applications from unauthorized access, modification, or destruction. Perform vulnerability assessments, penetration testing, fuzzing, and malware analysis to detect and mitigate potential security risks. Secure development environments by implementing application security architecture and conducting evaluations of software for security compliance. … Vulnerability research, reverse engineering, and malware analysis Code analysis, code manipulation, and payload development Defensive tool development, threat detection, and incident response Working knowledge of web application vulnerability assessment, penetration testing, and fuzzing techniques. Experience conducting cyber threat intelligence research to stay informed on emerging technologies and threat trends. Familiarity with secure software development practices, application security architecture
City of London, London, United Kingdom Hybrid / WFH Options
The MDU
part of projects and initiatives. Work with suppliers and vendors to coordinate contract security engineers, ensuring projects are appropriately resourced and deliverables are provided to a high standard. Organise penetration testing, managing the necessary remedial work and communicating go-live risks. Contribute to the development of the security architecture, the SDLC, and application security testing standards. Support … point of escalation in the event of Major Incidents, Disaster Recovery or Business Continuity scenarios. Work with development teams to ensure applications are delivered having followed best practice security testing as part of the SDLC. Assist the CISO, as required, in the wider delivery of Cyber Security. Skills and Experience: Proven experience in a similar role within a mid
Responsibilities Partner with development, operations, and security teams to integrate security protocols seamlessly into the software development lifecycle. Design, build, and maintain CI/CD pipelines incorporating automated security testing, vulnerability assessments, and compliance checks. Develop and manage infrastructure as code (IaC) configurations, ensuring secure and scalable cloud resources and infrastructure. Conduct security assessments, code reviews, and penetration testing to identify and resolve application, code, and infrastructure vulnerabilities. Monitor system and application logs to detect and address potential security incidents. Implement and oversee identity and access management (IAM) systems to ensure secure authentication and authorization. Provide secure coding guidance to software engineers and assist in remediating security issues. Lead incident response efforts, investigating and mitigating security … code tools, including Terraform, CloudFormation, or Ansible. Strong scripting skills in languages such as Python and Bash for automation and integration. Proficiency with static code analysis, dynamic application security testing (DAST), and vulnerability scanning tools like Fortify and Acunetix. Knowledge: In-depth understanding of security frameworks (e.g., OWASP, NIST) and best practices for mitigating vulnerabilities. Familiarity with common threat
data services & pipelines. Excellent communication skills and the ability to work collaboratively in a cross-functional team. Desired: Expertise in security tools and practices such as vulnerability scanning, automated security testing, and penetration testing for DOD and Federal Systems requiring FIPS, NIST SP 800-53, DOD CC SRG compliance. Experience with containerization and orchestration tools (Docker, Kubernetes).
as the Cybersecurity Assessment Team's principal Operational Technology SME. Participate in the development and implementation of comprehensive Cybersecurity program strategies, including OT security engineering design review, vulnerability assessments, penetration testing, and incident response planning. Provide technical expertise and guidance to DHS on OT services security matters, including threat analysis, risk mitigation strategies, and secure network and systems
or comfortable teaching (or able to learn) in the following areas: Network Security (e.g., Firewalls, IDS/IPS, VPNs) Operating System Security (e.g., Windows, Linux hardening) Ethical Hacking and Penetration Testing (e.g., reconnaissance, vulnerability scanning, exploitation) Security Operations (e.g., SIEM, SOC analysis) Incident Response and Digital Forensics Cryptography and Secure Communications Cloud Security (e.g., AWS, Azure, GCP security
financial services or large-scale enterprises, with an understanding of regulatory requirements in IT and cybersecurity. Security certifications such as CISSP, CISM, CCSK, or similar. Familiarity with vulnerability management, penetration testing, and reviewing IT and security clauses in contracts. Knowledge of control frameworks and audit methodologies within second line risk functions. Strong communication and influencing skills, capable of
Proficiency in shell scripting, creating Snort rules, or other log-searching query languages. Confidence in handling common security incidents independently. Good understanding of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing). Knowledge of ITIL disciplines such as Incident, Problem, and Change Management. Ability to work with minimal supervision. Willingness to work in a 24/7 operations
Perform initial triage and analysis of alerts generated by security tools (e.g., SIEM platforms). Conduct forensic analysis of digital artifacts including disk images and log data. Assist with penetration testing and vulnerability assessments. Apply remediation measures to detected vulnerabilities and provide security hardening recommendations. Support the deployment and monitoring of firewalls, encryption tools, and other security technologies.
with organizational goals and DoD requirements Oversee the implementation of security controls and ensure compliance with DoD cybersecurity policies and regulations Manage and coordinate security assessments, vulnerability scans, and penetration testing activities Lead the development and maintenance of cybersecurity documentation, including policies, procedures, and incident response plans Collaborate with cross-functional teams to integrate security measures into all
tools OSINT and cyber-threat intelligence gathering Familiarity with cybersecurity processes Background from system administration or Security Operation Center/CSIRT work is considered an advantage. Computer forensics expertise, penetration testing experience, academic studies, and security related certifications (like: GCFA, GCFE, GCIA, GCIH, CISSP, GREM, OSCP) are a strong plus. Strong ethics, fluent written and spoken English as
experience with cloud platforms (AWS, Azure, or GCP) - cloud security knowledge preferred. Familiarity with virtualization technologies and associated security controls. Demonstrated experience in at least one of the following: Penetration Testing: Offensive security and exploitation techniques. Digital Forensics: Host, network, or memory-based investigation. Threat Hunting: Detection engineering and hypothesis-driven threat investigation. Knowledge of modern security tooling
deployment processes that seamlessly integrate security checks and controls. Champion the integration of security practices throughout the software development lifecycle (SDLC), including threat modeling, code analysis, vulnerability scanning, and penetration testing. Collaborate with development teams to implement security best practices, such as secure coding guidelines and secure software design principles. Evaluate, select, and integrate security tools and technologies that … Strong experience of containerization and orchestration technologies (e.g., Docker, Kubernetes, OpenShift, EKS) and securing containerized applications. Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma Cloud Proficiency in scripting languages (e.g., Python, Bash) for automation and tool integration. Knowledge of security best
reviews will cover risk and gap assessments, threat profiling and analysis, security incident history reviews and thorough evaluations of supplier policies and procedures, current security controls, third party pen testing reports, vulnerability management reports, and information security reports such as SOC2 Reports, NIST or ISO 27001 reports, PCI DSS etc). Manage relationships with large third-party suppliers involved