Offer summary

Qualifications:

Experience in penetration testing for web applications and APIs., Strong understanding of network security and vulnerability assessment., Ability to write clear and concise reports for clients., Familiarity with security best practices in application and infrastructure design..

Key responsibilities:

Conduct penetration testing on web applications, APIs, and network infrastructures.

Prepare and deliver detailed reports outlining vulnerabilities and risk assessments.

Advise clients on security best practices and remediation strategies.

Collaborate with internal teams and clients to ensure effective testing and reporting.

Job description

(this position is US based remote)

What we believe

In the past two years, more than a trillion dollars have been invested in software companies at record prices. And in many cases, the underlying tech is the greatest enabler to the business strategy. But has the approach to govern technology value creation caught up to the magnitude of the risk?

We believe a better way is possible – a more programmatic, proactive approach to actively manage technology throughout the investment lifecycle – and that’s what we do.

Our role

We know that technology can create truly transformative change, and its role in business is only growing. Crosslake is here to support the changemakers and help them buy, build and run better technology.

What we value

You could be a good fit for Crosslake if you see yourself reflected in our guiding values:

Service. We effect change by empowering others.

Curiosity. We believe great advice starts with deep understanding.

Credibility. Our expertise is earned and proven.

Commitment. It’s our privilege to serve clients in their critical moments.

Creativity. We are inspired by the constant pursuit of better.

Overview

Perform network-based penetration testing for our clients to identify, assess, and report on vulnerabilities in their public facing infrastructure.

Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications.

Perform red team exercises to determine where weaknesses in the client’s infrastructure and how it should be remediated.

Write clear, concise, effective deliverable reports for clients to help them understand their risk posture and how they can reduce it.

Advise clients on security best practices including application design, infrastructure architecture design, and other considerations.

Collaborate with other Crosslake practitioners to socialize penetration testing best practices.

Requirements

Be an apprentice tester for your first 2 projects and then be willing and able to drive a project on your own to successful completion.

Participate in and drive penetration efforts on behalf of clients, collaborating, digging deep, and creating a report for the investors to outline technical vulnerability and risk.

Deliver at least one network, API, or web application penetration test every week.

Work with private equity companies and other investment firms to help them understand the existing technology risks and vulnerabilities that exist in their environment or portfolio.

Collaboratively work in partnership with internal and client technical leads and team members to ensure that planning and execution of penetration testing efforts occur in a timely fashion and reports are of high quality.

Required profile