Offensive Security with Penetration Tester Remote

Job Title:       Offensive Security/Penetration Tester

Duration:       3 months w/ possibility of extension

Location       100% Remote

About

The Security Research & Innovation (SRI) team within Global Security is a high-impact, automation-first security organization responsible for vulnerability management, security research, and offensive operations. This team has an exceptional automation culture — all team members build production automation that eliminates manual work at scale.

The Penetration team conducts various styles of external or assume breach exercises, purple team engagements, and offensive security research to identify systemic risks before attackers do. Successful engagements deliver results that lead to executive-level engagement to drive immediate remediation across the enterprise

Required Qualifications

- 4+ years of experience in offensive security, penetration teaming, or penetration testing in enterprise environments

- Deep expertise in at least 3: network exploitation, web application security, Active Directory attacks, cloud infrastructure attacks, social engineering, physical security

- Strong proficiency in AI, Python, Go, or C/C++ for offensive tool development and automation

-

Experience with Kubernetes, container security, and cloud-native attack techniques

- Experience with C2 frameworks and adversary simulation platforms

-

Knowledge of MITRE ATT&CK framework and adversary emulation methodology

- Experience with AI/ML security — attacking AI systems, prompt injection, model poisoning, or building AI-powered offensive tools

- Experience developing autonomous security testing agents using LLMs

-

Bachelor's degree in Computer Science, Cybersecurity, or equivalent experience

Preferred Qualifications

- Published CVEs, security research papers, or conference presentations (DEF CON, Black Hat, etc.)

- Experience in SaaS/multi-tenant environments processing sensitive data (HCM, payroll, healthcare, financial)

- OSCP, OSCE, OSEP, CRTO, GXPN, or equivalent offensive security certifications

- Familiarity with .NET, Java/Kotlin, and legacy application security assessment

- Experience building infrastructure-as-code (Terraform, Pulumi) for penetration team operations