77 Penetration Testing jobs in the United States

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.
**Job Summary**
Lead and manage a team of penetration testers at various skill levels to execute timely, thorough manual penetration testing of applications and infrastructure assets to identify exploitable vulnerabilities across MUFG assets. Mentor and train team members and ensure they are equipped perform assessments as needed. Manage the scheduling, tracking, reporting, and metrics of the penetration testing program. Continuously improve the capability and capacity of the penetration testing team to meet internal and external requirements.
**Major Responsibilities**
+ Partner with infrastructure and application development teams at MUFG to advocate for and support effective vulnerability risk reduction across the portfolio
+ Support maturation and modernization of MUFG's software development lifecycle and build pipelines to ensure penetration testing is occurring as needed, when needed
+ Support expansion of penetration testing services and coverage within MUFG Americas while extending support to additional MUFG entities and regions
+ Assist with the development of an internal training program for the team to grow and develop technical skills needed to be proficient
+ Scope and perform penetration testing and vulnerability research of complex proprietary software and hardware for client services
+ Create custom tool(s) and/or modify existing tool(s) to aid with vulnerability detection automation process
+ Proactively engage with key stakeholders to ensure that issues are mitigated and/or remediated within the firm's risk tolerance and service level agreements
+ Continually research new exploitation/attack techniques against technology stack(s) currently being used across MUFG
+ Maintaining familiarity with industry trends and security best practices
+ Provide technical training and guidance to junior and mid-tier team members
+ Contributing to the team's continuous improvement of the penetration testing program including scheduling, tracking, and metrics
+ Support integration of penetration testing processes, data, and workflows within MUFG's ServiceNow Vulnerability Response module
+ Actively seek opportunities to introduce efficiencies and maximize automation where possible
+ Ensure the penetration testing program meets or exceeds all federal regulations and requirements defined in MUFG standards, policies and procedures
**Qualification**
+ Bachelor's degree in computer science or related field; applicable specialized training; or equivalent work experience - equally preferable
+ In-depth understanding with two or more of the following technology areas:
+ Network infrastructure (Routers, switches.)
+ Security products and services (FW, IDS, IPS, AV.)
+ Active Directory, servers, services, desktops and mobile devices
+ Operating System (Windows, Unix/Linux/AIX)
+ Databases (MySQL, SQL, DB2.)
+ Cloud and container technologies like AWS, Azure, Oracle and Kubernetes
+ In-depth understanding of penetration-testing methodologies and security concepts such as OWASP, the MITRE ATT&CK framework
+ In-depth knowledge in one or more of these programming languages: Java, C#, C, C++, Assembly
+ In-depth knowledge in one or more of these areas: Post exploitation, exploitation development, or binary reverse engineering
+ 5+ years of experience with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire, AutoSploit, Ghidra, IDAPro, OllyDbg, Fiddler
+ 3+ years of experience in scripting languages such as Python, PowerShell, Bash, and Ruby
+ 5+ years of experience in application and infrastructure penetration testing, including experience using automated tools and manual testing techniques
+ Excellent communication and report-writing skills
The typical base pay range for this role is between $124K - $171K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.
MUFG Benefits Summary ( will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.
**Job Summary**
Penetration testing of applications and infrastructure assets to identify exploitable vulnerabilities across MUFG assets. Prepare clear and concise reporting on issues found including severity calculation, steps to reproduce, and mitigation/remediation recommendations.
**Major Responsibilities:**
+ Scope and perform penetration testing and vulnerability research of complex proprietary software and hardware for client services
+ Create custom tool(s) and/or modify existing tool(s) to aid with automation of vulnerability detection
+ Partner with infrastructure and application development teams at MUFG to ensure identified findings are understood and effectively mitigated or remediated in a timely manner
+ Continuously research new exploitation/attack techniques against technology stack(s) currently being used across MUFG
+ Continuously develop your skills from various resources, including MUFG provided training
+ Maintaining familiarity with industry trends and security best practices
+ Assist with the development of an internal training program for all levels of penetration testers to grow and develop the technical skills needed to be proficient
+ Provide technical training and guidance to junior and peer team members
**Qualifications:**
+ Bachelor's degree in computer science or related field; applicable specialized training; or equivalent work experience - equally preferable
+ Operational experience penetration testing two or more of the following technology areas:
+ Network infrastructure (Routers, switches.)
+ Security products and services (FW, IDS, IPS, AV.)
+ Active Directory, servers, services, desktops and mobile devices
+ Operating System (Windows, Unix/Linux/AIX)
+ Databases (MySQL, SQL, DB2.)
+ Cloud and container technologies like AWS, Azure, Oracle and Kubernetes
+ 3+ years of experience in application and infrastructure penetration testing, utilizing industry-standard penetration-testing methodologies and security concepts such as OWASP, and the MITRE ATT&CK framework
+ Operational experience with one or more programming languages including Java, C#, C, C++, Assembly desired, but not required
+ Operational experience in one or more of these areas: Post exploitation, exploitation development, or binary reverse engineering
+ 3+ years of experience employing testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire, AutoSploit, Ghidra, IDAPro, OllyDbg, Fiddler
+ 1+ years of experience in scripting languages such as Python, PowerShell, Bash, and/or Ruby desired, but not required
+ including experience using automated tools and manual testing techniques
+ Excellent communication and report-writing skills
**_Visa sponsorship/support is based on business needs. We do not anticipate providing visa sponsorship/support for this position._**
The typical base pay range for this role is between $108K - $131K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.
MUFG Benefits Summary ( will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.
**Job Summary**
Lead and manage a team of penetration testers at various skill levels to execute timely, thorough manual penetration testing of applications and infrastructure assets to identify exploitable vulnerabilities across MUFG assets. Mentor and train team members and ensure they are equipped perform assessments as needed. Manage the scheduling, tracking, reporting, and metrics of the penetration testing program. Continuously improve the capability and capacity of the penetration testing team to meet internal and external requirements.
**Major Responsibilities**
+ Partner with infrastructure and application development teams at MUFG to advocate for and support effective vulnerability risk reduction across the portfolio
+ Support maturation and modernization of MUFG's software development lifecycle and build pipelines to ensure penetration testing is occurring as needed, when needed
+ Support expansion of penetration testing services and coverage within MUFG Americas while extending support to additional MUFG entities and regions
+ Assist with the development of an internal training program for the team to grow and develop technical skills needed to be proficient
+ Scope and perform penetration testing and vulnerability research of complex proprietary software and hardware for client services
+ Create custom tool(s) and/or modify existing tool(s) to aid with vulnerability detection automation process
+ Proactively engage with key stakeholders to ensure that issues are mitigated and/or remediated within the firm's risk tolerance and service level agreements
+ Continually research new exploitation/attack techniques against technology stack(s) currently being used across MUFG
+ Maintaining familiarity with industry trends and security best practices
+ Provide technical training and guidance to junior and mid-tier team members
+ Contributing to the team's continuous improvement of the penetration testing program including scheduling, tracking, and metrics
+ Support integration of penetration testing processes, data, and workflows within MUFG's ServiceNow Vulnerability Response module
+ Actively seek opportunities to introduce efficiencies and maximize automation where possible
+ Ensure the penetration testing program meets or exceeds all federal regulations and requirements defined in MUFG standards, policies and procedures
**Qualification**
+ Bachelor's degree in computer science or related field; applicable specialized training; or equivalent work experience - equally preferable
+ In-depth understanding with two or more of the following technology areas:
+ Network infrastructure (Routers, switches.)
+ Security products and services (FW, IDS, IPS, AV.)
+ Active Directory, servers, services, desktops and mobile devices
+ Operating System (Windows, Unix/Linux/AIX)
+ Databases (MySQL, SQL, DB2.)
+ Cloud and container technologies like AWS, Azure, Oracle and Kubernetes
+ In-depth understanding of penetration-testing methodologies and security concepts such as OWASP, the MITRE ATT&CK framework
+ In-depth knowledge in one or more of these programming languages: Java, C#, C, C++, Assembly
+ In-depth knowledge in one or more of these areas: Post exploitation, exploitation development, or binary reverse engineering
+ 5+ years of experience with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire, AutoSploit, Ghidra, IDAPro, OllyDbg, Fiddler
+ 3+ years of experience in scripting languages such as Python, PowerShell, Bash, and Ruby
+ 5+ years of experience in application and infrastructure penetration testing, including experience using automated tools and manual testing techniques
+ Excellent communication and report-writing skills
The typical base pay range for this role is between $124K - $171K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.
MUFG Benefits Summary ( will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.
**Job Summary**
Lead and manage a team of penetration testers at various skill levels to execute timely, thorough manual penetration testing of applications and infrastructure assets to identify exploitable vulnerabilities across MUFG assets. Mentor and train team members and ensure they are equipped perform assessments as needed. Manage the scheduling, tracking, reporting, and metrics of the penetration testing program. Continuously improve the capability and capacity of the penetration testing team to meet internal and external requirements.
**Major Responsibilities**
+ Partner with infrastructure and application development teams at MUFG to advocate for and support effective vulnerability risk reduction across the portfolio
+ Support maturation and modernization of MUFG's software development lifecycle and build pipelines to ensure penetration testing is occurring as needed, when needed
+ Support expansion of penetration testing services and coverage within MUFG Americas while extending support to additional MUFG entities and regions
+ Assist with the development of an internal training program for the team to grow and develop technical skills needed to be proficient
+ Scope and perform penetration testing and vulnerability research of complex proprietary software and hardware for client services
+ Create custom tool(s) and/or modify existing tool(s) to aid with vulnerability detection automation process
+ Proactively engage with key stakeholders to ensure that issues are mitigated and/or remediated within the firm's risk tolerance and service level agreements
+ Continually research new exploitation/attack techniques against technology stack(s) currently being used across MUFG
+ Maintaining familiarity with industry trends and security best practices
+ Provide technical training and guidance to junior and mid-tier team members
+ Contributing to the team's continuous improvement of the penetration testing program including scheduling, tracking, and metrics
+ Support integration of penetration testing processes, data, and workflows within MUFG's ServiceNow Vulnerability Response module
+ Actively seek opportunities to introduce efficiencies and maximize automation where possible
+ Ensure the penetration testing program meets or exceeds all federal regulations and requirements defined in MUFG standards, policies and procedures
**Qualification**
+ Bachelor's degree in computer science or related field; applicable specialized training; or equivalent work experience - equally preferable
+ In-depth understanding with two or more of the following technology areas:
+ Network infrastructure (Routers, switches.)
+ Security products and services (FW, IDS, IPS, AV.)
+ Active Directory, servers, services, desktops and mobile devices
+ Operating System (Windows, Unix/Linux/AIX)
+ Databases (MySQL, SQL, DB2.)
+ Cloud and container technologies like AWS, Azure, Oracle and Kubernetes
+ In-depth understanding of penetration-testing methodologies and security concepts such as OWASP, the MITRE ATT&CK framework
+ In-depth knowledge in one or more of these programming languages: Java, C#, C, C++, Assembly
+ In-depth knowledge in one or more of these areas: Post exploitation, exploitation development, or binary reverse engineering
+ 5+ years of experience with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire, AutoSploit, Ghidra, IDAPro, OllyDbg, Fiddler
+ 3+ years of experience in scripting languages such as Python, PowerShell, Bash, and Ruby
+ 5+ years of experience in application and infrastructure penetration testing, including experience using automated tools and manual testing techniques
+ Excellent communication and report-writing skills
The typical base pay range for this role is between $124K - $171K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.
MUFG Benefits Summary ( will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute

Description
The Information Security Analyst will be responsible for monitoring the Firms security systems and performing penetration tests of the WLRK infrastructure. Key responsibilities entail daily monitoring activities, including SIEM and other security tools and identification and mitigation of suspicious events, conducting controlled penetration tests, identifying vulnerabilities, and delivering reports with recommendations for mitigation. The successful candidate will also support all other Security Operations activities and assist in the deployment and operation of information security systems, as well as work on a diverse set of security related projects and responsibilities.
Essential Duties and Responsibilities:
- Perform real-time security log and event analysis and take action to contain and mitigate information security threats. The events will originate from SIEM, DLP, IDS, IPS, antivirus, firewalls, system security logs and user reports.
- Conduct manual and automated penetration testing of web applications, APIs, networks, cloud environments, and mobile apps.
- Simulate real-world cyber-intrusion techniques to identify security vulnerabilities and validate practical exposures/risks.
- Develop automation workflows, routines and scripts to support advanced testing efforts and remediation validation
- Contribute to red team engagements, threat modeling, and purple team exercises.
- Assist in maintaining existing security systems, such as IPS/IDS, Anti-Virus, EPO, SIEM, NAC and other cyberattack detection and analytics tools; assist with security technologies deployment, configuration, troubleshooting, maintenance, patching/upgrading and decommission.
- Make enhancements to existing monitoring and security operations and contribute to a Continuous Monitoring program framework.
- Work across teams to accomplish security program goals.
Knowledge, Skills, and Abilities Required:
- Strong knowledge of network services, vulnerabilities, exploits and attacks vectors and TTPs (Tactics, Techniques, and Procedures).
- Proven experience in penetration testing, ethical hacking, or purple teaming.
- Strong knowledge of OWASP Top 10, MITRE ATT&CK, CVSS, and common exploit techniques.
- Proficiency with tools like Burp Suite, Metasploit, Nmap, Nessus, Kali, Bloodhound, or similar.
- Familiarity with scripting (e.g., Python, PowerShell) for automation and vulnerability validation.
- Understanding of IT infrastructure, networking, system internals (Windows/Linux), and web/application security.
- SPLUNK Administrator or Power User considered a plus.
- Strong knowledge of server and desktop operating systems, routers, switches, firewalls and other network equipment.
- Experience with cloud environments (SaaS, iDP, AWS, Azure, GCP) and cloud security testing.
- Knowledge of mobile app security vulnerabilities (iOS, Android) and threat modeling a plus.
- Participation in Capture The Flag (CTF) events or offensive security challenges
- Critical thinking, investigative mindset and ability to conduct root cause analysis.
- Detail-oriented and able to meet tight deadlines.
- Excellent written, verbal and interpersonal skills.
- Highly motivated self-starter with an inquisitive personality.
- Desire and ability to learn new skills and concepts.
Education and Experience:
- Bachelor's degree in related field or discipline.
- Minimum of 7 years of experience in information security.
- Certifications such as GPEN, OSCP, OSEP or similar are highly desirable.
- CISSP, CISA, CEH, GIAC and other industry certifications considered a plus.
Skills:
SIEM, Security Operations, Penetration Testing, CISSP, CEH, Splunk
Top Skills Details:
SIEM, Security Operations, Penetration Testing
Additional Skills & Qualifications:
Candidates must have excellent communication skills.
Experience Level:
Expert Level
Pay and Benefits
The pay range for this position is $ - $ /yr.
United Healthcare Medical Insurance, MetLife Dental insurance, EyeMed Vision.401KEligible upon date of hireContributions between 1% and 75% of gross compensation on a pre-tax basis and/or 1% - 100% of net compensation on a Roth after-tax basis.Voluntary after-tax contributions of up to 10%Additional catch-up contribution if you are age 50 by calendar year-endContributions are subject to annual IRS maximumDiscretionary Firm Contributions are generally a percentage of your eligible gross wages and may change at any time. You will become eligible for a Firm Contribution after one year of service in which you have worked at least 1,000 hours and are at least 21 years of age. Entry dates are the quarter following when you have met the eligibility requirements.
Workplace Type
This is a hybrid position in New York,NY 10019.
Application Deadline
This position is anticipated to close on Oct 26, 2025.
h4>About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

**Job Posting End Date**

Please note the job posting will close on the day before the posting end date.
**Job Summary**
Responsible for large-scale security assignments providing direction to other team members. Responsible for gathering, investigating, and analyzing very complex security requirements, processes, and incidents. Leads analysis of security controls assessments (internal and third party) through application security testing, penetration testing or other means to ensure controls effectiveness. Leads the identification and documentation of potential mitigations /remediations and ensures report creation of findings with identified risk response. Responsible for the conceptual design of implementation strategies on assigned security projects/activities. Leads advanced level implementation, support, and/or usage of technical solutions. Leads others in advanced problem solving, decision-making, and functional area knowledge. Mentors and provides functional/technical work direction to team.
**Job Description**
**What You'll Do:**
+ Lead moderate to highly complex technical security assessments across diverse technology, business systems, and critical infrastructure.
+ Document complex technical findings and communicate them effectively in both written and verbal forms to key stakeholders, including Senior and Executive Leadership.
+ Provide actionable, technically sound recommendations to facilitate effective risk treatment of identified findings.
+ Advise Security Leadership and offer deep technical subject matter expertise for large-scale security and technology initiatives.
+ Fulfill technical functions in this role, including:
+ Application Security Lead
+ Penetration Tester / "Red Team" Lead
+ Security Tool Administrator Lead
**What We're Looking For:**
**Security Specialist Lead (SG9):**
**Education:** Bachelor's degree in computer science, information systems, business or related field of study; Or Associate's degree in computer science or related field of study with 2 years of relevant work experience; Or High school diploma/GED with 4 years of relevant work experience.
**Experience:** In addition to any experience required above, 10 years of relevant work experience is required.
**Nice-to-have:**
+ Three or more years of technical Penetration Testing / Application Security specific experience, or commensurate related experience.
+ Demonstrated expertise in penetration testing methodologies and the ability to apply these methodologies in varied technology environments, both independently and as a team leader.
+ Demonstrable technical experience in one or more of the following disciplines:
+ Network / Critical Infrastructure Penetration Testing
+ Web Application / Web Service Penetration Testing
+ Mobile / IoT Penetration Testing
+ Software / Malware Reverse Engineering
+ Hardware / Firmware Reverse Engineering
+ Application Development and Testing
+ Cloud / Container Security
+ Red Teaming / Threat Emulation
+ Technical security certifications are beneficial (e.g., OSCP, OSWE, OSCE, LPT, GPEN, GWAPT, GMOB, GXPN, GAWN, GCPN, GCE, CISSP).
+ Some travel or overtime may be required.
**What you'll get:**
**Security Specialist Lead (SG9): $112,869.00-$46,730.50**
In addition to a competitive compensation, AEP offers a unique comprehensive benefits package that aims to support and enhance the overall well-being of our employees.
Where Putting the Customer First Powers Everything We Do
At AEP, we're more than just an energy company - we're a team of dedicated professionals committed to delivering safe, reliable, and innovative energy solutions. Guided by our mission to put the customer first, we strive to exceed expectations by listening, responding, and continuously improving the way we serve our communities. If you're passionate about making a meaningful impact and being part of a forward-thinking organization, this is the company for you!
#AEPCareers
#LI-ONSITE
**Compensation Data**
**Compensation Grade:**
SP20-009
**Compensation Range:**
112, ,730.50 USD
The Physical Demand Level for this job is: S - Sedentary Work: Exerting up to 10 pounds of force occasionally (Occasionally: activity or condition exists up to 1/3 of the time) and/or a negligible amount of force frequently. (Frequently: activity or condition exists from 1/3 to 2/3 of the time) to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time but may involve walking or standing for brief periods of time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.
**Hear about it first!** Get job alerts by email. Log in to your Candidate Home Account today! If you don't have an account, you can create one.
It is hereby reaffirmed that it is the policy of American Electric Power (AEP) to provide Equal Employment Opportunity in all respects of the employer-employee relationship including recruiting, hiring, upgrading and promotion, conditions and privileges of employment, company sponsored training programs, educational assistance, social and recreational programs, compensation, benefits, transfers, discipline, layoffs and termination of employment to all employees and applicants without discrimination because of race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, veteran or military status, disability, genetic information, or any other basis prohibited by applicable law. When required by law, we might record certain information or applicants for employment may be invited to voluntarily disclose protected characteristics.

Our client is seeking a highly skilled and motivated Senior Information Security Analyst with a specialization in Penetration Testing to join their hybrid team in Philadelphia, Pennsylvania, US . This role is critical for identifying and mitigating security vulnerabilities across the organization's complex IT infrastructure. You will be responsible for planning, executing, and reporting on penetration tests, vulnerability assessments, and security audits to ensure the confidentiality, integrity, and availability of sensitive data and systems. The ideal candidate possesses a deep understanding of offensive security techniques, a proactive mindset, and the ability to translate technical findings into actionable recommendations for remediation.

Key responsibilities include conducting network, web application, and system penetration tests; identifying security weaknesses and exploits; developing detailed reports outlining vulnerabilities, potential impact, and remediation strategies; collaborating with IT and development teams to implement security improvements; staying current with the latest security threats and attack vectors; and assisting in the development and maintenance of security policies and procedures. You will also be involved in security awareness training and incident response efforts as needed. This role requires excellent analytical skills and the ability to think like an attacker to proactively defend the organization.

Key Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent work experience.
• 5+ years of hands-on experience in penetration testing and vulnerability assessment.
• Deep understanding of network protocols, operating systems (Windows, Linux), and common security vulnerabilities.
• Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, and Nessus.
• Experience in scripting languages (e.g., Python, PowerShell) for security automation.
• Relevant security certifications such as OSCP, CISSP, CEH, or SANS GIAC are highly desirable.
• Strong analytical and problem-solving skills with meticulous attention to detail.
• Excellent written and verbal communication skills, with the ability to present technical findings to both technical and non-technical audiences.
• Ability to work independently and collaboratively within a team environment.
• Experience with cloud security (AWS, Azure) is a plus.

This hybrid role requires a candidate who can work effectively both remotely and from our Philadelphia, Pennsylvania, US office. Join our client to play a crucial role in strengthening their cybersecurity posture.

Our client, a leading organization in Virginia Beach, Virginia, US , is seeking a highly skilled Senior Information Security Analyst with a specialization in Penetration Testing. This role is essential for identifying and mitigating security vulnerabilities across our IT infrastructure and applications. You will be responsible for planning, executing, and reporting on comprehensive penetration tests, vulnerability assessments, and security audits. The ideal candidate will possess a deep understanding of common attack vectors, exploit techniques, and security best practices. Responsibilities include simulating cyber-attacks to uncover weaknesses, recommending remediation strategies, and working closely with development and operations teams to implement security enhancements. You will also contribute to the development and refinement of security policies and procedures. The ability to communicate technical findings clearly and effectively to both technical and non-technical audiences is crucial. A strong knowledge of network protocols, operating systems, web application security, and cloud security is required. Relevant security certifications such as CISSP, CEH, OSCP, or equivalent are highly desirable. A Bachelor's degree in Computer Science, Information Security, or a related field, coupled with a minimum of 7 years of experience in information security, with a significant focus on offensive security and penetration testing, is required. This position offers a hybrid work model, providing a blend of on-site collaboration and remote flexibility, enabling you to contribute to a robust security posture within a growing industry.

Our client is seeking a highly skilled and motivated Senior Information Security Analyst with a specialization in Penetration Testing to join their growing security team in **Raleigh, North Carolina, US**. This role is crucial in identifying vulnerabilities and weaknesses within the organization's IT infrastructure, applications, and networks to proactively enhance security posture. The ideal candidate will possess deep technical expertise in offensive security techniques, penetration testing methodologies, and vulnerability assessment tools. You will be responsible for planning and executing comprehensive penetration tests, red team exercises, and security assessments. This position requires a strong understanding of network protocols, operating systems, web application security, and cloud security. You will document findings, provide actionable recommendations for remediation, and work closely with IT and development teams to implement security improvements. The Senior Information Security Analyst will also contribute to developing security policies, procedures, and best practices. A proactive, curious, and analytical mindset is essential, along with excellent reporting and communication skills to articulate complex technical issues to both technical and non-technical audiences.

Key Responsibilities:

• Plan, scope, and execute penetration tests against internal and external networks, applications, and cloud environments.
• Conduct vulnerability assessments and identify security weaknesses using a variety of tools and techniques.
• Perform red team exercises to simulate real-world attack scenarios and test incident response capabilities.
• Analyze security vulnerabilities and provide detailed, actionable remediation recommendations.
• Document penetration test findings clearly and concisely in comprehensive reports.
• Present test results and recommendations to technical teams and management.
• Assist in the development and maintenance of security policies, standards, and procedures.
• Stay up-to-date with the latest security threats, vulnerabilities, and attack vectors.
• Collaborate with IT and development teams to implement security controls and address identified risks.
• Participate in security architecture reviews and provide input on secure design principles.
• Develop and maintain security testing tools and scripts.
• Contribute to security awareness training for employees.
• Research and evaluate new security technologies and methodologies.
• Act as a subject matter expert in offensive security and penetration testing.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• 5+ years of experience in information security, with a significant focus on penetration testing and offensive security.
• Proven experience conducting network, web application, and mobile application penetration tests.
• Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and Wireshark.
• Strong understanding of TCP/IP, networking protocols, operating systems (Windows, Linux), and common attack vectors.
• Experience with cloud security concepts and testing in AWS, Azure, or GCP environments.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills, with the ability to produce detailed technical reports.
• Relevant certifications such as OSCP, CEH, CISSP, or GIAC are highly desirable.
• Ability to work independently and as part of a team.
• Ethical mindset and strong understanding of security principles.
• Experience with scripting languages (e.g., Python, PowerShell) is a plus.