Penetration Tester

New York, New York • $140,000-$180,000

About the Company:

Our client is a rapidly growing financial consulting firm that works with a robust clientele and strategically positioned to assist through a range of routine and complex business scenarios. They are looking to hire a Security Analyst/Penetration Tester to be the leader of this new division/service offering within Cyber Security.



  • Manage and execute security assessments for multiple projects simultaneously and ensure project timelines are met
  • Work with client resources on vulnerability management engagements ranging from vulnerability scanning to remediation consulting
  • Effectively communicate vulnerability findings and remediation strategy to client stakeholders including client leadership and technical security team resources
  • Manage consultants, train staff and external clients as necessary



  • 3 – 10 years’ experience in Cyber Security focused role
  • Expert penetration testing capabilities
  • Experience performing automated and manual hands-on vulnerability testing, identifying security risks within target systems and developing key recommendations to remediate identified vulnerabilities
  • Thorough understanding of open security testing standards and projects such as OWASP
  • Experience with testing tool set solutions, such as Qualys, Tenable, Rapid7, Metasploit, Burp Suite, Kali Linux, etc.
  • Knowledge of core cloud service provider (AWS, Azure, GCP) security practices and experience using security testing tools against resources in these cloud environments
  • Experience with covert computer network exploitation and red team exercises
  • Experience with enterprise secure code analysis solutions such as Veracode, CheckMarkx, AppScan source, etc.
  • Core understanding of cryptography and key management concepts
  • Experience with key network security components, including firewalls, intrusion detection systems, anti-virus/anti-malware solutions, authentication systems, logging management systems, content filtering, etc.
  • Deep understanding of key web application security vulnerabilities, such as Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF)


Salary Range:





  • Drop files here or
    Max. file size: 2 MB.
    • This field is for validation purposes and should be left unchanged.