Senior Cloud Security Penetration Tester

Summary

Join GuidePoint Security's Threat & Attack Simulation team as a Senior Cloud Security Penetration Tester. Lead cloud penetration testing engagements, focusing on AWS environments, and perform network penetration testing and assumed breach scenarios. You will execute real-world attack simulations, develop sophisticated testing methodologies, and author comprehensive client deliverables. Present findings to stakeholders and stay current with emerging threats. Collaborate with internal teams to improve testing methodologies. This role requires strong AWS expertise, excellent communication skills, and initiative.

Requirements

• 3-5 years of experience in cloud security penetration testing, with strong emphasis on AWS environments
• Demonstrated expertise in network penetration testing and assumed breach methodologies
• In-depth understanding of cloud architecture, security controls, and attack vectors
• Experience with cloud-specific security testing tools (ScoutSuite, Prowler, CloudMapper, Pacu)
• Experience in writing clear, actionable security reports for both technical and executive audiences
• Excellent verbal communication skills for client presentations and stakeholder interactions
• Strong initiative and self-direction, with ability to lead complex security engagements
• OSCP certification or equivalent demonstrable penetration testing experience

Responsibilities

• Lead cloud penetration testing engagements with a focus on AWS environments
• Perform network penetration testing and assumed breach scenarios to validate security risks
• Execute real-world attack simulations to demonstrate the impact of cloud misconfigurations
• Develop and implement sophisticated testing methodologies for cloud environments using tools like ScoutSuite, Prowler, CloudMapper, and Pacu
• Author comprehensive client deliverables including executive summaries, detailed technical reports, and remediation recommendations
• Present findings and recommendations to technical and non-technical stakeholders
• Stay current with emerging cloud security threats, attack vectors, and defensive strategies
• Collaborate with internal teams and peers to continually improve testing methodologies and tooling

Preferred Qualifications

• AWS security certifications (AWS Certified Security - Specialty, etc.)
• Experience with multi-cloud environments (AWS, Azure, GCP)
• Knowledge of containerization technologies and serverless security testing
• Familiarity with compliance frameworks (SOC2, PCI-DSS, HIPAA, etc.)
• Familiarity with LLM/Agentic tools to improve efficiency
• Experience developing custom tools or scripts for cloud security testing
• Background in red teaming or adversary simulation

Benefits

• 100% remote work with minimal travel requirements
• Opportunity to work with diverse, high-profile clients including Fortune 500 companies and government agencies
• Opportunity to lead high-impact security engagements across various industries
• Collaborative environment working alongside cloud security experts within our Threat & Attack Simulation team
• Clear progression opportunities serving as both lead consultant and technical oversight roles
• Continuous learning and professional development opportunities
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option