Lead Penetration Test Engineer

S&P Global

Boston, MA, US
Base: $135,000 - $200,000 usd; bonus/equity: not s...
Hybrid
8 years information security experience
Penetration testing web applications
Cloud offensive techniques iam abuse
The role focuses on protecting clients from modern security threats by conducting comprehensive penetration tests across diverse environments

Job Summary

  • The role focuses on protecting clients from modern security threats by conducting comprehensive penetration tests across diverse environments.
  • Candidates will develop custom scripts and methodologies to automate security testing within CI/CD pipelines while collaborating with engineering teams.
  • S&P Global offers competitive compensation, flexible downtime, continuous learning resources, and family-friendly perks for its global workforce.

Matching Summary

The role focuses on protecting clients from modern security threats by conducting comprehensive penetration tests across diverse environments.

Salary

Base: $135,000 - $200,000 USD; Bonus/Equity: Not specified; Benefits: Health care, flexible time off, retirement planning

Skills & Requirements

Must-have

  • 8 years information security experience
  • Penetration testing web applications
  • Cloud offensive techniques IAM abuse
  • DAST SAST SCA tool integration
  • Python Bash Go scripting skills

Nice-to-have

  • AI ML adversarial testing knowledge
  • MITRE ATT&CK framework application
  • Java application security expertise
  • Open source security contributions
  • Conference talks or publications

Key Requirements

  • Bachelor's degree in Computer Science or equivalent
  • Minimum 8 years in information security
  • Recognized offensive security certification OSCP OSCE3 OSEP GXPN GPEN CREST
  • Indefinite right to work in US or Canada

Work Rights

Must have indefinite right to work within the US

Tailored Resume

Cover Letter