Penetration Testing Engineer IV jobs in United States

IDEMIA · 3 weeks ago

Penetration Testing Engineer IV

IDEMIA is a leading provider of secure and trusted biometric-based solutions, transforming public and private organizations across the globe. The Penetration Testing Engineer IV will conduct comprehensive penetration testing and security assessments for various applications and systems, ensuring robust security measures are in place.

Identity Management · Information Technology · Network Security

Responsibilities

Conduct comprehensive penetration testing of Mobile ID applications (Android and iOS)
Perform security assessments of Digital Identity Wallet and Civil Identity backend systems and APIs
Test cloud infrastructure security controls across AWS environments
Evaluate biometric authentication systems and liveness detection mechanisms
Assess PKI implementation, SOC 2, X.509 certificate management, and cryptographic controls
Conduct network penetration testing of government integration points and DMV connections
Perform social engineering assessments targeting identity verification processes
Test mobile SDK security implementations and third-party integrations
Evaluate web application security for citizen enrollment portals
Assess compliance with government security frameworks (NIST, FedRAMP, FISMA)
Develop detailed vulnerability reports with risk ratings and remediation guidance
Collaborate with development teams to validate security fixes and implement secure coding practices
Participate in threat modeling sessions for new product features
Maintain testing tools and develop custom exploits for identity-specific vulnerabilities

Qualification

Mobile Application Security Testing, AWS security testing, Network penetration testing, Biometric security assessment, API security testing, Cloud configuration review, Compliance frameworks knowledge, Mobile application reverse engineering, Penetration testing tools, Social engineering assessment, Multi-factor authentication bypass, Container security assessment, Secure software development lifecycle, Privacy regulations knowledge, Threat intelligence experience, Automated security testing tools, Digital identity standards knowledge

Required

Mobile Application Security Testing:
iOS and Android penetration testing tools (Frida, Objection, MobSF)
Mobile application reverse engineering
Runtime application security testing (RAST)
Mobile device forensics and analysis

Identity & Authentication Security:
Biometric security assessment techniques
PKI and certificate authority security testing
OAuth, SAML, and JWT vulnerability assessment
Multi-factor authentication bypass techniques

Cloud Security Assessment:
AWS security testing methodologies
Container and Kubernetes security assessment
API security testing (REST/SOAP)
Cloud configuration review and hardening

General Penetration Testing:
Network penetration testing tools (Nmap, Metasploit, Burp Suite)
Web application security testing (OWASP Top 10)
Social engineering and phishing assessment
Wireless network security testing

Minimum Required:
OSCP (Offensive Security Certified Professional)
5+ years of hands-on penetration testing experience
Experience with mobile application security testing
Background in testing government or highly regulated systems
Experience with identity management and authentication systems
Knowledge of compliance frameworks (NIST Cybersecurity Framework, ISO 27001)

Preferred

Preferred Additional Certifications:
CISSP (Certified Information Systems Security Professional)
CEH (Certified Ethical Hacker)
GWEB (GIAC Web Application Penetration Tester)
GMOB (GIAC Mobile Device Security Analyst)

Knowledge of digital identity standards (FIDO Alliance, W3C)
Familiarity with government identity verification processes
Experience with automated security testing tools
Background in secure software development lifecycle (SDLC)
Knowledge of privacy regulations (SOC2, GDPR, CCPA)
Experience with threat intelligence and adversary simulation

Benefits

Bonus
Benefits

Company

IDEMIA offers identity and security solutions for an increasingly digital and connected.

Funding

Current Stage: Late Stage
Total Funding: $12.83M
2024-09-20: Acquired
2020-04-17: Series Unknown · $12.83M

Leadership Team

Jean-Christophe Fondeur
Advisor to IPS CEO
Didier Fontaine
Chief Operating Officer
Company data provided by Crunchbase