« Company
Halo Security is seeking highly motivated candidates for our security team. You will work with industry leaders and help customers leverage the Halo Security platform to measure and manage security risks across their organization.
We are looking for a penetration tester who can identify and document strengths and weaknesses. You will be an integral part of the group that delivers manual security testing in this role. A typical project includes several hours of auditing and writing a customer-facing report deliverable. We test most web applications and e-commerce websites, as well as internal and external networks and cloud environments.
Responsibilities
- Scope penetration testing projects
- Perform manual penetration testing
- Communicate testing progress and updates
- Create penetration testing reports
- Present findings to the customer
What we value
- Experience with finding, exploiting, and reporting vulnerabilities
- In-depth knowledge of industry-standard vulnerabilities and testing methodologies
- Knowledge of web browsers, web applications, and APIs
- Knowledge of HTML, JavaScript, and server-side languages
- Knowledge of Active Directory, along with permissions and common misconfigurations
- Understanding of industry-standard security tools
- Ability to concurrently manage multiple, highly complex tasks
- Ability to proficiently communicate with customers
- Ability to collaborate with other engineers
- Strong attention to detail and technical writing skills
Experience Requirements
- Knowledge of a programming or scripting language (Python, C#, Golang, shell scripting, or similar)
- Penetration Testing: 2 years
- Burp Suite: 2 years
- Nessus: 2 years
- Active Directory: 2 years
- AWS/Azure/GCP: 2 years
- Linux: 2 years
Nice to Have
- Experience with performing “assumed breach” penetration tests on internal networks and cloud environments
- Experience leading phishing campaigns, including custom template creation
- Credited with findings in Bug Bounty or public security programs
- CTF experience
- Attributed CVEs or other public research
- Certifications (OSCP, BSCP, CPTS, etc.)
We Offer
- Competitive salary and benefits
- Fully remote opportunities
- Optimal work-from-anywhere experience—we’ll send you whatever tools you need to succeed!
- Flexible PTO—freedom, independence, and flexibility with your time off
About Halo Security
At Halo Security, a TrustedSite brand, our mission is to help organizations protect data from external attackers and earn trust with their customers. Our attack surface management, penetration testing and vulnerability scanning solutions help thousands of organizations secure their most critical assets.
Apply
To apply for this position, please email your resumé to careers@halosecurity.com.