Senior Penetration Tester (Remote)

Joining TÜV Rheinland means working for one of the world’s leading testing, inspection, and certification service providers with more than 20,000 employees globally. Our employees are our most important asset.  That is why we invest in their development and offer competitive pay, multiple health insurance plan options, and a 401(k) with up to 6% company match.  At the same time we live an international, team-oriented culture characterized by respect, collegiality and openness. This enables our employees to develop their potential, apply new knowledge and methods directly - and plan a long-term career with real opportunities for advancement.

SUMMARY

A senior penetration tester is needed to conduct penetration testing across multiple disciplines, assess and secure IoT systems and devices, and conduct thorough penetration tests on various networks, mobile devices, applications, and infrastructures. The candidate must have a minimum of 5 years of experience as a penetration tester.  

As a senior tester, the candidate is also expected to be able to interface with clients regularly, occasionally support sales efforts, and manage their workload with minimal oversight. The willingness to contribute scripting/tools/methodology to help keep the TUV Rheinland Testing Team. You will be expected to stay current with the latest vulnerabilities and threats, and up to date with new industry advancements is also a requirement.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• Conduct comprehensive penetration testing on hardware, software, and network components.
• Perform vulnerability discovery and exploitation in web and mobile applications, API, databases, and operating systems.
• Accurately document and report on findings discovered during penetration testing activities.
• As needed, develop additional tools, scripts, and methodologies to help keep TUV Rheinland competitive.
• Contribute to continually improving testing team knowledge and supporting testing methodology improvements.
• Occasionally provide pre-sales support as a Subject Matter Expert to help sales understand and interpret client needs and expectations for potential upcoming engagements.
• Performs off-hours work as necessary, occasionally required
• Working with Account Teams to identify new opportunities with customers/prospects

QUALIFICATIONS & REQUIREMENTS:

Knowledge, Skill, & Abilities 

• Hands-on experience in IoT security assessments analyzing software, firmware, hardware, and components within the system.
• Strong knowledge of common security frameworks, protocols, and attack vectors (e.g., OWASP, NIST, ISO).
• Thorough understanding of networking, operating systems (*nix/Mac/Windows)
• Ability to perform analysis of network traffic
• Solid understanding of cloud security, network protocols, and secure development practices.
• Mobile application security testing 
• Medical device penetration testing experience 
• Knowledge of OT and/or Automotive testing is beneficial
• Scripting and programming knowledge (e.g., Python, Bash, C) is a plus.
• Excellent verbal and written communication skills, with an ability to explain complex security topics to non-technical stakeholders.
• Ability to work both independently and in a team-oriented, collaborative environment.

Education 

• Bachelor’s degree in computer science or similar preferred

Experience 

• Minimum 10 years of general IT experience (networking, IT support, Blue Team, or development-type roles)
• 2 years experience in IoT/Medical Device penetration testing 

Certifications 

• OSCP, GPEN, CRTP, or equivalent certifications

PHYSICAL DEMANDS & WORK ENVIRONMENT

• Work may be sedentary, consisting of sitting for long periods and working at a computer.
• Physical effort may require lifting up to 25 pounds.

Equipment Used 

• Laptop or Desktop Computer
• Phone or Headset

Travel Required

• Ability to travel up to 20%

TUV Rheinland North America EEO Statement

As a global business, TUV Rheinland North America relies on diversity of culture and thought to deliver on our goal of Creative People, Practical solutions serving our client needs, and ensures nondiscrimination in all programs and activities in accordance with Title VI and VII of the Civil rights Act of 1964. We continuously seek talented, qualified employees in our world-wide operations regardless of race, color, sex/gender, including gender identity and expression, sexual orientation, pregnancy, national origin, religion, disability, age, marital status, citizen status, protected veteran status, or any other protected classification under country or local law. TUV Rheinland North America is proud to be an Equal Employment Opportunity/ Affirmative Action Employer/ Federal Contractor desiring priority referrals of all protected veterans for job openings.

#LI-remote