Cloud Security/Penetration Test Engineer

10+ years of progressive experience in web application penetration testing, cybersecurity, with at least 4+ years focused on cloud security engineering.

Strong organizational, administrative, project management and communication skills will be required to manage the overall security program.

Deep hands-on experience with Google Cloud Platform (GCP) security services and best practices is essential and managing cloud security alerts in our SIEM.

Strong practical experience with Microsoft Azure and Amazon Web Services (AWS) security services.

Proven expertise in securing SaaS applications and understanding of common SaaS security challenges.

Extensive experience with scripting skills, network security principles and implementation in cloud environments.

For all our US based team members, we offer a variety of benefits from competitive salaries, medical, dental and vision coverage, disability coverage, employer paid life insurance, mental health resources, 401(k) plan and a fully paid parental leave program.

Additional perks include:

Generous PTO

Flexible work schedules

Remote work opportunities

Paid company holidays

We are seeking a highly skilled Cloud Security Engineer to join our dynamic team. This is a crucial customer-facing role where you will be instrumental in designing, implementing secure cloud configurations, manual web application testing and securing complex cloud environments for our clients across Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS), with a strong emphasis on GCP. A fundamental part of your role will be demonstrating your ability to manually penetration test web applications.

You will leverage your deep expertise in SaaS security, network security, and compliance to provide strategic guidance and hands-on support, ensuring our clients' cloud infrastructures are robust, resilient, and compliant with industry standards.

Perform manual penetration testing activities on Web Applications and Mobile Applications using black-box testing tools, in-depth penetration test (using shell scripts and manual testing) techniques, DAST & SAST tools. The candidate should be highly experienced with black box, gray box and white box testing techniques along with red teaming skills

Understand the application architectural components, business purpose of the application and code at high level. The resource will be responsible for assisting in architecting secure coding practices.

Web Application: Highly familiar with OWASP Top 10 and the ASVS. You will be the Subject Matter Expert within the organization to demonstrate OWASP Top 10 findings and provide resolution recommendations.