Job Summary: We are seeking a Security Engineer professional with expertise in penetration testing, product security reviews, audit support (GRC), and security automation using Python. The ideal candidate will have experience working with open-source security tools, coordinating security efforts with international teams, and ensuring compliance with security best practices. A strong background in Linux security and basic networking is essential for this role. This position is 100% remote. Rate is 70.00 - 80.00 per hour.
Key Responsibilities:
Penetration Testing & Security Assessments:
- Conduct penetration testing on applications, networks, and infrastructure using open-source security tools.
- Perform product security reviews and generate detailed reports outlining risks and remediation steps.
- Simulate real-world cyber threats to identify vulnerabilities and security weaknesses.
- Develop custom security testing scripts and automation using Python.
Audit & Governance, Risk, and Compliance (GRC):
- Assist in security audits and ensure compliance with regulatory and industry standards.
- Support the completion of security assessments and documentation.
- Collaborate with internal teams to mitigate risks and close audit gaps.
Coordination & Reporting:
- Work closely with international teams to align security practices and ensure corporate compliance.
- Provide technical security assessments and risk reports.
- Communicate findings and remediation plans to stakeholders across engineering, product, and compliance teams.
Technical Expertise:
- Experience working with Linux security and system hardening.
- Strong understanding of basic networking concepts and protocols.
- Proficiency in Python for security automation, scripting, and penetration testing.
- Hands-on experience with open-source security tools such as Burp Suite, Metasploit, Nmap, Wireshark, OWASP ZAP, Nessus, Nikto, Aircrack-ng, John the Ripper, OpenVAS, Snort, Suricata.
- Familiarity with SIEM, IDS/IPS, and log analysis tools.
Qualifications & Skills:
- 5 years of experience in penetration testing, security auditing, or a related cybersecurity role.
- Hands-on experience with open-source security tools and frameworks.
- Knowledge of audit processes, risk assessments, and GRC frameworks.
- Strong ability to write professional security reports and documentation.
- Experience coordinating with external teams, particularly large enterprises.
- Relevant certifications (e.g., OSCP, CISSP, CEH, CISA, GPEN, Pentest) are a plus.