Application Security testing - Lead and conduct highly advanced, in-depth white-box penetration testing of web applications and APIs.
Cloud Security assessments - Perform comprehensive security assessments and penetration testing on Cloud Infrastructure (AWS and Azure), including configuration, deployment models, and integrated services.
Deep-dive into Kubernetes clusters and containerized applications, exploiting misconfigurations and security flaws in containerized workloads.
Define the offensive security roadmap and lead the adoption of cutting-edge testing techniques and tools.
Serve as an advisor and act as an effective challenger to Architecture, Engineering, and DevOps teams, providing expert guidance on secure design patterns and critical remediation strategies across all technology domains (App, API, Cloud, K8s).
Lead advanced threat modelling exercises for major initiatives, focusing on identifying sophisticated, high-impact risks specific to our unique environment.
Analyse, prioritize, and articulate complex security findings based on holistic risk, exploitability, and business context, focusing on vulnerabilities that pose a significant threat to organizational goals.
Drive the selection, customization, and deployment of best-in-class security tools and develop proprietary tools or frameworks to address unique testing challenges.
Develop and present executive-level technical reports that are actionable.
Mentor other penetration testers, fostering a culture of excellence, continuous learning, and security research.
Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field, or equivalent work experience with demonstrated results.
15+ years of hands-on, progressive experience in penetration testing and offensive security.
A minimum of 10 years focused on advanced security assessments of Application and API ecosystems.
A minimum of 10 years focused on complex penetration testing of AWS and/or Azure cloud infrastructures and Kubernetes/Containerized Environments.
OSCP certification and similar hands-on offensive-based certifications are preferred.
Responsibilities
Complete security & privacy literacy and awareness training during onboarding and annually thereafter.
Review (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as (but not limited to):
> Data Classification, Retention & Handling Policy
> Incident Response Policy/Procedures
> Business Continuity/Disaster Recovery Policy/Procedures
> Mobile Device Policy
> Account Management Policy
> Access Control Policy
> Personnel Security Policy
> Privacy Policy
Saviynt is an amazing place to work. We are a high-growth, Platform as a Service company focused on Identity Authority to power and protect the world at work. You will experience tremendous growth and learning opportunities through challenging yet rewarding work which directly impacts our customers, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic environment, you belong with us!