Senior Cloud Security Penetration Tester
About the Role
We are seeking a highly skilled Senior Cloud Security Penetration Tester with strong AWS expertise to join our Threat & Attack Simulation team. In this role, you will lead cloud penetration testing engagements, focusing on network penetration testing and assumed breach scenarios to validate real-world risks in cloud environments. You will work as part of a supportive 3-person project structure, serving as either the lead consultant (primary performer) or providing technical oversight, depending on the engagement. The ideal candidate will combine technical excellence with outstanding communication skills and demonstrate initiative in driving security improvement efforts.
Key Responsibilities
Lead cloud penetration testing engagements with a focus on AWS environments
Perform network penetration testing and assumed breach scenarios to validate security risks
Execute real-world attack simulations to demonstrate the impact of cloud misconfigurations
Develop and implement sophisticated testing methodologies for cloud environments using tools like ScoutSuite, Prowler, CloudMapper, and Pacu
Author comprehensive client deliverables including executive summaries, detailed technical reports, and remediation recommendations
Present findings and recommendations to technical and non-technical stakeholders
Stay current with emerging cloud security threats, attack vectors, and defensive strategies
Collaborate with internal teams and peers to continually improve testing methodologies and tooling
Required Qualifications
3-5 years of experience in cloud security penetration testing, with strong emphasis on AWS environments
Demonstrated expertise in network penetration testing and assumed breach methodologies
In-depth understanding of cloud architecture, security controls, and attack vectors
Experience with cloud-specific security testing tools (ScoutSuite, Prowler, CloudMapper, Pacu)
Experience in writing clear, actionable security reports for both technical and executive audiences
Excellent verbal communication skills for client presentations and stakeholder interactions
Strong initiative and self-direction, with ability to lead complex security engagements
OSCP certification or equivalent demonstrable penetration testing experience
Preferred Qualifications
AWS security certifications (AWS Certified Security - Specialty, etc.)
Experience with multi-cloud environments (AWS, Azure, GCP)
Knowledge of containerization technologies and serverless security testing
Familiarity with compliance frameworks (SOC2, PCI-DSS, HIPAA, etc.)
Familiarity with LLM/Agentic tools to improve efficiency
Experience developing custom tools or scripts for cloud security testing
Background in red teaming or adversary simulation
What We Offer
100% remote work with minimal travel requirements
Opportunity to work with diverse, high-profile clients including Fortune 500 companies and government agencies
Opportunity to lead high-impact security engagements across various industries
Collaborative environment working alongside cloud security experts within our Threat & Attack Simulation team
Clear progression opportunities serving as both lead consultant and technical oversight roles
Continuous learning and professional development opportunities
Team Structure
You'll report to a team lead and work within our proven 3-person engagement model that includes a lead consultant (primary performer), technical oversight consultant, and managing consultant for escalation support. This structure ensures quality delivery while providing mentorship opportunities and collaborative problem-solving.
This role requires a dynamic security professional who can independently drive engagements while delivering exceptional client value through practical, real-world security testing and clear communication of findings.
Senior Cloud Security Penetration Tester
About the Role
We are seeking a highly skilled Senior Cloud Security Penetration Tester with strong AWS expertise to join our Threat & Attack Simulation team. In this role, you will lead cloud penetration testing engagements, focusing on network penetration testing and assumed breach scenarios to validate real-world risks in cloud environments. You will work as part of a supportive 3-person project structure, serving as either the lead consultant (primary performer) or providing technical oversight, depending on the engagement. The ideal candidate will combine technical excellence with outstanding communication skills and demonstrate initiative in driving security improvement efforts.
Key Responsibilities
Lead cloud penetration testing engagements with a focus on AWS environments
Perform network penetration testing and assumed breach scenarios to validate security risks
Execute real-world attack simulations to demonstrate the impact of cloud misconfigurations
Develop and implement sophisticated testing methodologies for cloud environments using tools like ScoutSuite, Prowler, CloudMapper, and Pacu
Author comprehensive client deliverables including executive summaries, detailed technical reports, and remediation recommendations
Present findings and recommendations to technical and non-technical stakeholders
Stay current with emerging cloud security threats, attack vectors, and defensive strategies
Collaborate with internal teams and peers to continually improve testing methodologies and tooling
Required Qualifications
3-5 years of experience in cloud security penetration testing, with strong emphasis on AWS environments
Demonstrated expertise in network penetration testing and assumed breach methodologies
In-depth understanding of cloud architecture, security controls, and attack vectors
Experience with cloud-specific security testing tools (ScoutSuite, Prowler, CloudMapper, Pacu)
Experience in writing clear, actionable security reports for both technical and executive audiences
Excellent verbal communication skills for client presentations and stakeholder interactions
Strong initiative and self-direction, with ability to lead complex security engagements
OSCP certification or equivalent demonstrable penetration testing experience
Preferred Qualifications
AWS security certifications (AWS Certified Security - Specialty, etc.)
Experience with multi-cloud environments (AWS, Azure, GCP)
Knowledge of containerization technologies and serverless security testing
Familiarity with compliance frameworks (SOC2, PCI-DSS, HIPAA, etc.)
Familiarity with LLM/Agentic tools to improve efficiency
Experience developing custom tools or scripts for cloud security testing
Background in red teaming or adversary simulation
What We Offer
100% remote work with minimal travel requirements
Opportunity to work with diverse, high-profile clients including Fortune 500 companies and government agencies
Opportunity to lead high-impact security engagements across various industries
Collaborative environment working alongside cloud security experts within our Threat & Attack Simulation team
Clear progression opportunities serving as both lead consultant and technical oversight roles
Continuous learning and professional development opportunities
Team Structure
You'll report to a team lead and work within our proven 3-person engagement model that includes a lead consultant (primary performer), technical oversight consultant, and managing consultant for escalation support. This structure ensures quality delivery while providing mentorship opportunities and collaborative problem-solving.
This role requires a dynamic security professional who can independently drive engagements while delivering exceptional client value through practical, real-world security testing and clear communication of findings.