SENIOR PENETRATION TESTER (Remote) jobs in United States

Emagine IT, Inc. · 2 months ago

SENIOR PENETRATION TESTER (Remote)

Emagine IT, Inc. is an information technology consulting services company that specializes in delivering technology solutions. They are seeking a Senior Penetration Tester to facilitate penetration tests and threat hunting exercises within cloud-based environments, requiring a strong understanding of security-related system controls.

Consulting, Human Resources, Information Technology, Management Consulting
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Execute testing procedures in accordance with NIST SP 800-53A and industry testing standards like OWASP, MITRE, etc.
Test for vulnerabilities and validate exploitable vulnerabilities within network, cloud, web and mobile environments
Perform social engineering campaigns, including email phishing, spear phishing and phone pretext calling, including but not limited to creation of landing pages and creation of embedded executable payloads
Develop Rules of Engagement, Penetration Test Plans, Penetration Testing reports, and PowerPoint presentations for kick-off and closing of client engagements
Author recommendations based on findings to improve security postures compliant with NIST controls
Penetration Testing/Threat Hunting (75%); Advisory/Consulting (25%)
Develop Testing Guides Based on Methodologies (MITRE, OWASP, etc.)
Creation of Comprehensive Testing Frameworks: Develop detailed penetration testing guides and frameworks that align with industry standards such as MITRE ATT&CK, OWASP Top Ten, NIST, and others
Incorporation of Advanced Techniques: Regularly update these guides to incorporate the latest attack techniques and defensive strategies
Customization for Client Environments: Tailor these methodologies to meet specific client environments and industry requirements, ensuring that the testing approach is both comprehensive and contextually appropriate
Develop Team Trainings Based on Test Guides and Engagement Debriefs
Training Program Development: Design and implement training programs for the penetration testing team, leveraging the developed test guides
Debrief and Knowledge Sharing: Conduct debrief sessions following each engagement to discuss unique or novel findings
Simulation and Hands-On Training: Organize practical, hands-on workshops and simulations to provide team members with real-world experience in using new tools and methodologies
Take on QA Responsibilities for Reports or Rules of Engagement (ROEs)
Quality Assurance for Reports: Perform thorough quality assurance (QA) reviews of penetration testing reports to ensure accuracy, clarity, and completeness
Consistency and Compliance: Ensure that all reports adhere to internal and external compliance requirements and follow a standardized format
Rules of Engagement (ROE) Review: Review and refine Rules of Engagement (ROE) documents to ensure they are clear, comprehensive, and aligned with client expectations and legal considerations
More Active Role in Blog Posting and Research
Thought Leadership and Content Creation: Take a proactive role in writing blog posts and research papers that contribute to the broader cybersecurity community
Research and Development (R&D): Lead or participate in research initiatives to explore emerging threats, new vulnerabilities, and advanced attack techniques
Community Engagement: Engage with the security community through conferences, webinars, and social media to discuss findings, share knowledge, and establish the organization as a thought leader in penetration testing and cybersecurity
Tool Development and Acquisition (Responsible for Vendor Communications)
Tool Development and Customization: Lead the development of custom tools and scripts to automate repetitive tasks, enhance testing capabilities, or address specific needs not covered by existing tools
Vendor Communication and Acquisition: Act as the primary point of contact for vendor communications regarding tool acquisition
Vendor Management: Maintain relationships with tool vendors, manage software licenses, and ensure compliance with vendor agreements
Manage Current Toolset and Adjust Them as Needed for the Team
Toolset Management: Oversee the maintenance and management of the team's current toolset, ensuring that all tools are updated, properly configured, and functioning correctly
Optimization and Customization: Regularly assess the effectiveness of the existing toolset and make adjustments as needed
Continuous Improvement and Adaptation: Stay updated on the latest tools and technologies in penetration testing and cybersecurity
Security and Compliance of Tools: Ensure that all tools in use adhere to the organization's security policies and do not pose any risks to client environments

Qualification

Penetration Testing, Threat Hunting, NIST SP 800-53A, Kali Linux, Cobalt Strike, Burp Suite, Metasploit Framework, Social Engineering Toolkit, MITRE ATT&CK Framework, SQL commands, Python, Ruby, OSCP, OSCE, OSWP, CEH, CRTO

Required

Bachelor's degree in a relevant field
Certifications: OSCP, OSCE, OSWP, CEH, CRTO
5 years' experience

Company

Emagine IT, Inc.

For over two decades, we've delivered technical precision and mission-driven innovation, shaping the future of enterprise architecture, infrastructure, cybersecurity, and AI-powered automation.

H1B Sponsorship

Emagine IT, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2020 (3)

Funding

Current Stage: Growth Stage
Total Funding: unknown
Key Investors: Enlightenment Capital (2018-10-04, Private Equity)

Leadership Team

Aamir Saleem, Founder/Chief Innovation Architect
Company data provided by crunchbase