Work with a Top 20 CPA and advisory firm that Accounts for Anything.
Requirements
Have experience with cloud infrastructure offensive security assessments (e.g., AWS, Azure, GCP), web application and API penetration testing, and traditional network penetration testing
Are proficient in developing assessment documentation and documenting the results of your work
Are familiar with penetration testing requirements for common security compliance frameworks (e.g., FedRAMP, PCI DSS, PCI SSF)
Experience with Red-Team and Purple-Team engagements is a huge plus.
Minimum of 5 years' experience in penetration testing or a related cybersecurity role, with a focus on network, cloud infrastructure, web application, and API testing.
Expertise in network penetration testing, including assessment of protocols (e.g., TCP/IP, DNS, VPN), firewalls, and intrusion detection/prevention systems.
Hands-on experience with cloud security testing in platforms such as AWS, Azure, or GCP, and their cloud native solutions.
In-depth knowledge of web application penetration testing, covering OWASP Top 10 vulnerabilities (e.g., SQL injection, XSS, CSRF) and secure coding practices.
Strong proficiency in API security testing, including REST, SOAP, and GraphQL, with experience in identifying issues like broken authentication, excessive data exposure, and injection flaws.
Familiarity with common penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and Kali Linux.
Experience with scripting languages (e.g., Python, Bash, PowerShell) for automating tests or developing custom exploits.
Understanding of secure development lifecycle (SDLC) and DevSecOps practices to integrate security into CI/CD pipelines.
Strong analytical and problem-solving skills, with the ability to think like an attacker and identify complex attack chains.
Excellent communication skills to articulate technical findings to both technical and non-technical stakeholders in verbal and written form.
Bonus – OSCP, OSWE, CRTP, and other certifications that require hands on skills application to obtain are a huge plus.