Senior Penetration Tester

Innovation starts from the heart. At Edwards Lifesciences, we’re dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions

As Senior Penetration Tester you will provide deep technical expertise in offensive security across a wide range of modern enterprise environments, including cloud infrastructure, web applications and enterprise technologies. Execute penetration tests, purple team exercises and red team operations targeting AWS environments, enterprise applications, and other critical systems. Collaborate with stakeholders to assess, exploit, and strengthen the security posture of diverse technology stacks and architectures.

How you will make an impact:

• Execute advanced penetration tests and red team engagements across diverse environments, including cloud, on-premises, and hybrid infrastructures.
• Design and implement offensive security methodologies to simulate real-world attack scenarios.
• Identify and exploit vulnerabilities, misconfigurations, and privilege escalation paths in various systems and services.
• Develop and maintain custom tools and scripts to support exploitation, automation, and reporting.
• Perform root cause analysis of security issues and deliver actionable remediation guidance.
• Collaborate with internal teams to enhance security posture through knowledge sharing, tool development, and methodology refinement.

What you'll need (Requirements):

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field.
• 7+ years of experience in offensive security, with focus on cloud (AWS, Azure) penetration testing.
• Relevant certifications preferred (e.g., OSCP, OSEP, CRTO, CRTL, CARTS, ARTE).

What else we look for (Preferred):

• Deep understanding of cloud platforms (e.g., AWS, Azure) and their core services, along with common security misconfigurations and attack vectors.
• Proficiency in scripting languages such as Python, Bash, or PowerShell, and familiarity with offensive security tools (e.g., Impacket, Pacu, ROADtools, or similar).
• Strong knowledge of adversary tactics and techniques, including frameworks like MITRE ATT&CK and other threat emulation methodologies.
• Excellent analytical and problem-solving skills with a keen attention to detail.
• Ability to design and execute complex attack chains across cloud, hybrid, and on-premises environments.
• Capable of planning and executing stealthy operations with a strong focus on operational security (OPSEC).
• Strong communication skills, including the ability to write clear technical reports and engage effectively with stakeholders.
• Experience with Active Directory security, red team operations, or threat emulation is a plus.