Security Engineer (PenTesting)

Job Summary:

We are seeking a Security Engineer professional with expertise in penetration testing, product security reviews, audit support (GRC), and security automation using Python. The ideal candidate will have experience working with open-source security tools, coordinating security efforts with international teams, and ensuring compliance with security best practices. A strong background in Linux security and basic networking is essential for this role. This position is 100% remote. Rate is 70.00 -80.00 per hour.

Key Responsibilities:

Penetration Testing & Security Assessments:

• Conduct penetration testing on applications, networks, and infrastructure using open-source security tools.
• Perform product security reviews and generate detailed reports outlining risks and remediation steps.
• Simulate real-world cyber threats to identify vulnerabilities and security weaknesses.
• Develop custom security testing scripts and automation using Python.

Audit & Governance, Risk, and Compliance (GRC):

• Assist in security audits and ensure compliance with regulatory and industry standards.
• Support the completion of security assessments and documentation.
• Collaborate with internal teams to mitigate risks and close audit gaps.

Coordination & Reporting:

• Work closely with international teams to align security practices and ensure corporate compliance.
• Provide technical security assessments and risk reports.
• Communicate findings and remediation plans to stakeholders across engineering, product, and compliance teams.

Technical Expertise:

• Experience working with Linux security and system hardening.
• Strong understanding of basic networking concepts and protocols.
• Proficiency in Python for security automation, scripting, and penetration testing.
• Hands-on experience with open-source security tools such as Burp Suite, Metasploit, Nmap, Wireshark, OWASP ZAP, Nessus, Nikto, Aircrack-ng, John the Ripper, OpenVAS, Snort, Suricata.
• Familiarity with SIEM, IDS/IPS, and log analysis tools.

Qualifications & Skills:

• 5 years of experience in penetration testing, security auditing, or a related cybersecurity role.
• Hands-on experience with open-source security tools and frameworks.
• Knowledge of audit processes, risk assessments, and GRC frameworks.
• Strong ability to write professional security reports and documentation.
• Experience coordinating with external teams, particularly large enterprises.
• Relevant certifications (e.g., OSCP, CISSP, CEH, CISA, GPEN, Pentest) are a plus.