Stratascale
Secure the Digital Future
Senior Security Consultant – Penetration Testing
Security EngineerSecurity EngineerFull TimeRemoteTeam 201-500Since 2020H1B No SponsorCompany SiteLinkedIn
Location
United States
Posted
10 days ago
Salary
$165K - $205K / year
Bachelor Degree5 yrs expEnglishCloud
Job Description
• Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements
• Consult and document attack surface, threats, and vulnerability improvements based on team’s overall assessment of client’s environment
• Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls
• Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations
• Collaborate with client’s security teams to understand mitigation or resolutions for findings discovered by analysts
• Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling
• Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients and their stakeholders
• Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems
• Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation
• Develop and deliver governance models, security frameworks, compliance reporting, and security assessments
• Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery
• Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement
• Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met
• Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions
• Participate in customer and internal meetings, providing technical guidance and facilitating discussions
• Stay educated on new product technologies, industry trends, and emerging capabilities within the practice
• Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants.
Job Requirements
- Completed Bachelor’s Degree in a related field or relevant work experience required
- 5–7 years of hands-on penetration testing/red team experience delivering engagements for mid-to-large enterprises, including leading complex assessments
- Ability to travel to SHI, Partner, Customer events, and on-site testing engagements as needed
- Advanced industry certifications preferred (e.g., OSCP, OSEP, OSWE, GXPN, GPEN, CRTO, CRTP, PNPT; CISSP or CSSLP a plus)
- Demonstrated understanding of legal/ethical considerations, testing authorization, and safe handling of client data.
Benefits
- medical
- vision
- dental
- 401K
- flexible spending
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Security Engineer10 days ago
Full TimeRemote
This role involves strengthening our internal infrastructure and helping automate key security workflows. Monitor and analyze security alerts across multiple security platforms (SIEM, EDR, SOAR) Lead Incident Response - serve as primary responder to security alerts, perform initi...
United States + 180 moreAll locations: United States, Canada, Brazil, Colombia, Argentina, Chile, Venezuela, Bolivarian Republic Of, Bolivia, Plurinational State Of, Ecuador, French Guiana, Guyana, Paraguay, Peru, Suriname, Uruguay, Mexico, Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama, Dominican Republic, Puerto Rico, Bahamas, Guadeloupe, Haiti, Jamaica, Martinique, Montserrat, United Kingdom, Germany, France, Estonia, Portugal, Hungary, Poland, Ukraine, Romania, Bulgaria, Czech Republic, Slovakia, Belarus, Moldova, Republic Of, Sweden, Greece, Belgium, Italy, Ireland, Switzerland, Netherlands, Finland, Malta, Denmark, Lithuania, Croatia, Spain, Austria, Bosnia And Herzegovina, Iceland, Luxembourg, Macedonia, The Former Yugoslav Republic Of, Montenegro, Norway, Serbia, Slovenia, Albania, Cyprus, Latvia, Monaco, South Africa, Egypt, Algeria, Angola, Benin, Botswana, Burkina Faso, Burundi, Cameroon, Cape Verde, Central African Republic, Chad, Congo, Côte D'ivoire, Congo, The Democratic Republic Of The, Equatorial Guinea, Eritrea, Ethiopia, Gabon, Gambia, Ghana, Guinea, Guinea-bissau, Kenya, Lesotho, Liberia, Libyan Arab Jamahiriya, Madagascar, Malawi, Mali, Mauritania, Mauritius, Mayotte, Morocco, Mozambique, Namibia, Niger, Nigeria, Réunion, Rwanda, Senegal, Seychelles, Sierra Leone, Somalia, Sudan, Swaziland, Tanzania, United Republic Of, Togo, Tunisia, Uganda, Zambia, Zimbabwe, Georgia, Turkey, Israel, United Arab Emirates, Armenia, Azerbaijan, Bahrain, Iraq, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, Palestinian Territory, Occupied, Yemen, India, Japan, Philippines, Pakistan, Thailand, Singapore, Viet Nam, Taiwan, Province Of China, Indonesia, Cambodia, Lao People's Democratic Republic, Malaysia, Myanmar, Korea, Republic Of, China, Afghanistan, Bangladesh, Bhutan, Kazakhstan, Kyrgyzstan, Maldives, Mongolia, Nepal, Sri Lanka, Tajikistan, Turkmenistan, Uzbekistan, Australia, Papua New Guinea, Kiribati, Palau, French Polynesia, Tuvalu, New Zealand
Security Engineer10 days ago
Full TimeRemoteTeam 10,001+Since 1978H1B No Sponsor
This role focuses on developing and deploying certificate automation solutions within the Cybersecurity PKI team, supporting enterprise applications and devices. The individual will lead initiatives for automating services related to issuing and managing certificates and gathering associated data.
PKIPythonJavaBashPowerShellKubernetesTerraformGCPGitHubGitHub ActionsCloud FunctionsCloud RunCertificate AutomationSSL/TLS
Security Engineer10 days ago
Full TimeRemoteTeam 10,001+Since 1876H1B Sponsor
The Security Architect will serve as a technical lead for security consulting, threat modeling, and third-party assessments, developing security architectures and reference patterns for cloud and hybrid environments. Key duties include integrating security into the development lifecycle, evaluating vendor security posture, and leveraging AI tools to enhance assessment efficiency.
Threat ModelingCloud SecuritySecurity ArchitectureAWSAzureGCPSOC 2HIPAAMITRE ATT&CKSTRIDENIST 800-53ISO 27001Third-Party Risk ManagementZero TrustAI Security
Security Engineer10 days ago
Full TimeRemoteTeam 1,001-5,000Since 1998H1B Sponsor
Since 1998, Businessolver has delivered market-changing benefits technology and services supported by an intrinsic responsiveness to client needs. The company creates client programs that maximize benefits program investment, minimize risk exposure, and engage employees with easy...
