Senior Penetration Tester - Cloud

Summary

Join Bishop Fox, a leader in continuous offensive security and penetration testing, as a talented penetration tester. You will work alongside US teams supporting clients across multiple industries, diving into cloud security, testing web applications, hacking networks, and reversing software. As a senior consultant, you will work on various projects, solve challenging technical problems, and build creative solutions. You will also provide expert opinions to help clients navigate business decisions. Bishop Fox offers remote work anywhere in the US and a comprehensive benefits program. The company embraces diversity and inclusion, fostering a strong talent base.

Requirements

• 4+ years experience in planning, conducting, and managing web application penetration tests
• 5+ years of hands-on experience in cloud security and application security
• Understanding of its major technologies, such as IAM, EC2, VPC, EBS, S3, CloudWatch, and Lambdas, and how to keep them secure
• Experience with cloud platforms and technologies including Azure, GCP, Docker, and Kubernetes
• Deep understanding of security fundamentals (OWASP), common vulnerabilities, and application security best practices
• Skilled in vulnerability assessment and the development of exploits for diverse targets
• Background in system and network security, authentication and security protocols, and applied cryptography is helpful
• Experience with programming and scripting languages such as Python, Ruby, PowerShell, Java, JavaScript, etc
• Proficiency with operating systems- Linux, Windows, MacOS
• Experience with network and system exploitation including modern tactics, techniques, and procedures (e.g. c2 frameworks, EDR bypass, privilege escalation, password cracking, lateral movement, etc.)
• Experience with IPTs and infrastructure with large-scale scopes
• Strong technical reporting and documentation skills

Responsibilities

• Plan, conduct, and manage web application penetration tests
• Test web applications
• Hack networks
• Reverse software
• Work on a variety of projects which include short-term engagements and extended program work with well-established clients
• Solve challenging technical problems and build creative solutions
• Provide your expert opinion to help our clients navigate difficult business decisions

Preferred Qualifications

Advanced relevant academic training, such as a degree in Computer Science or an OSCP, is a definite bonus

Benefits

• Remote work
• Comprehensive benefits program