Offensive Security Engineer | WebApp/Internal & External Penetration Testing (Remote)

About the position Responsibilities • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools. • Conducts WebApp penetration tests over a variety of products. • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients. • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements. • Conduct IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems. • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks, including response and recovery of a data security breach. • Maintain a firm grasp on the industry and anticipate trends and movements while balancing maturity and timing. • Contribute to Trace3's presence and brand in the Security community. Requirements • Bachelor's degree in Engineering in Computer Science or Information Technology or a related technical field; or equivalent related professional experience. • OSCP, eCPPT, eWPT, PNPT, OSWE or other equivalent certification(s) is a huge plus. • Through understanding of one or more Unix/Linux/Mac/Windows operating systems. • 2-3 years' experience in at least three of the following: Red Team penetration test tools such as Kali, ParrotOS, Bloodhound, MetaSploit, BurpSuite, OWASP Zap, etc. • Network penetration testing and manipulation of network infrastructure. • Web application assessments (Mobile application testing a plus). • Shell scripting or automation of simple tasks using Perl, Python, Go, PowerShell or Ruby. • Developing, extending, or modifying exploits, shellcode or exploit tools. • Developing applications or scripts in C#, ASP, .NET, ObjectiveC, Go, Java (J2EE), Python, or Ruby. • Experience with at least one or more of the major cloud providers (AWS, Azure, and GCP). • Strong knowledge of tools used for web application and network security testing. • Strong knowledge of current web application structure and strong ability to test both modern and older web applications. • Motivated self-starter who loves to solve challenging problems and feels comfortable working directly with customers. • Excellent oral, written communication, and presentation skills with an ability to present client security sessions and security workshops to C-Level Executives and non-technical audience. • Highly organized, detail-oriented, excellent time management skills, and able to effectively prioritize tasks in a fast-paced, high-volume, and evolving work environment. • Ability to approach customer and sales requests with a proactive and consultative manner; listen and understand user requests and needs and effectively deliver. • Comfortable managing multiple and changing priorities, and meeting deadlines in an entrepreneurial environment. • Ability to travel when needed. Benefits • Comprehensive medical, dental and vision plans for you and your dependents. • 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability. • Competitive Compensation. • Training and development programs. • Stocked kitchen with snacks and beverages. • Collaborative and cool culture. • Work-life balance and generous paid time off. Apply tot his job