[Remote] Senior Security Consultant (Cloud Penetration Tester - AWS)

Note: The job is a remote job and is open to candidates in USA. NetSPI is a leader in Penetration Testing as a Service (PTaaS) and is seeking an experienced Senior Security Consultant specializing in Cloud Penetration Testing. The role involves executing cloud penetration tests, developing innovative testing methodologies, and collaborating with clients to enhance their security posture. Responsibilities • Execute cloud penetration tests against AWS environments • Develop innovative TTPs in support of Cloud testing • Create attack narratives and findings-based penetration test reports for clients • Collaborate with clients to create remediation strategies that will help improve their security posture • Act as a resource for internal team members as it relates to in-depth technical questions or best practices in Cloud • Assist in QA review of Cloud engagements • Help define and document internal processes and TTPs • Contribute to the information security community through the development of tools, presentations, white papers, and blogs Skills • Bachelor's degree or higher with a concentration in computer science, engineering, math, IT, or equivalent experience • 3 - 5 years experience performing offensive/attack-oriented penetration tests against AWS environments and External/Internal networks • Recognized Penetration Testing specific qualifications such as GXPN, OSCP, OSCE, or similar certifications • Strong communication, presentation, and writing skills • Experience performing security focused cloud configuration reviews • Experience with offensive toolkits for both cloud and network penetration testing • Demonstrable knowledge in the following areas: Exploiting security misconfigurations for core cloud services such as Compute, Storage, Databases, Networking, Kubernetes, and other PAAS services • IAM security fundamentals and how to leverage excessive permissions for lateral movement and privilege escalation within the cloud • Testing external cloud attack surfaces • Testing internal cloud attack surfaces • Programming experience in one or more of the following languages: Python, PowerShell, C#, Go • Experience researching new cloud service offerings with the goal of identifying misconfigurations and vulnerabilities • Web Application pentesting experience Company Overview • NetSPI is a cybersecurity company that offers enterprise security testing and attack surface management services. It was founded in 2001, and is headquartered in Minneapolis, Minnesota, USA, with a workforce of 501-1000 employees. Its website is Company H1B Sponsorship • NetSPI has a track record of offering H1B sponsorships, with 1 in 2025, 3 in 2024, 1 in 2023, 2 in 2022, 5 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job