About Inspectiv
At Inspectiv, we are dedicated to revolutionizing the landscape of vulnerability management with a unified platform for Bug Bounty as a Service and Pentesting as a Service. Our remote-first team is driven by the vision of providing all the advantages of vulnerability management without the traditional hassle or unpredictable expense. Join us in assuring our clients that their external attack surface remains impeccably secure and fortified.
We are a well-funded Series A company with top-tier investors.
Job Description
We are seeking a candidate who will be performing and managing application security, pen testing, and offensive security engagements. The objective is to provide exceptional services to our customers through efficient communication, project management, and attention to technical detail.
The Opportunity
In this role, you will have a unique opportunity to contribute to the growth and success of an early-stage (Series A) startup. Your impact will be felt across our product, culture, and business. You will collaborate closely with our Product, Design, and Engineering teams, as well as other departments, as we continue to expand.
Your main responsibility will be coordinating the delivery of multiple security testing engagements by interfacing with customers and a team of internal and external offensive security and application security testers. When available, you will also be assigned to penetration testing engagements. This is a unique opportunity for a candidate who is interested in managing engagements while continuing to perform hands-on-keyboard penetration testing. This is a full-time remote role, and the successful candidate will report directly to our Offensive Security Services Manager.
As a customer-facing role, it is essential to adopt a customer-centric and collaborative approach to deliver services effectively. There will be instances where a hands-on approach is required, and maintaining strong relationships with our most valued customers, vendors, and security professionals will be crucial. Balancing customer goals with business needs will be paramount to ensure exceptional service delivery.
This role requires a unique blend of technical expertise and project management skills. We're looking for an individual who thrives in this fast-paced environment and is passionate about delivering high-quality results.
Who will love this job:
Values using their technical penetration testing knowledge while helping the team scale
Enjoys continued personal growth and an engaging environment
Has an ownership mindset
You bring empathy and its accompanying vulnerability into your work
You support inclusive teams and respectful collaboration
Open to interacting with our community and engaging with their peers inside and outside the business
What you will do:
Ensure the timely delivery and quality execution of our offensive security services
Collaboratively develop and pitch high-value offensive security solutions to customers
Understand the financial modeling of services and make informed decisions on products, hours, rates, and margins
Onboard and manage work going to and from internal and external staff
Translate analytical outcomes and results into compelling narratives/presentations for internal and external stakeholders
Mentor our existing security engineers and grow them in their careers
Assist in writing content on interesting vulnerabilities or security best practices with our Marketing team for our wide security community to consume
Partner with Product and Engineering teams to identify opportunities to scale process
What we’re looking for:
3+ years of combined experience in a penetration testing role
2+ years of combined experience in network penetration testing and configuration review of internal cloud environments (Azure, AWS, GCP)
Strong understanding of web application development and the secure development lifecycle (SDLC)
Ability to manage multiple penetration testing projects simultaneously
Ability to perform unsupervised penetration testing and red team engagements
Ability to explain vulnerabilities and weaknesses to non-technical stakeholders
Relevant certifications: GIAC Cloud Penetration Tester (GCPN), Practical Network Penetration Tester (PNPT), Certified Cloud Penetration Tester (CCPT), Burp Suite Certified Practitioner (BSCP), GIAC Web Application Penetration Tester (GWAPT)
Bonus points if you have any of the below:
Offensive Security Professional Certification (OSCP) or similar years of experience or certifications.
CREST Registered Penetration Tester (CRT), CREST Certified Tester - Application (CCT APP), or any other relevant CREST certifications
4+ years of experience with penetration testing internal cloud environments (Azure, AWS, GCP)
2+ years of experience with penetration testing web applications and APIs
2-3 years of application security experience protecting web-based applications
2-3 years of hands-on Red Team or offensive security experience
Any experience with Bug Bounty programs, Vulnerability Management or Vulnerability Disclosure processes.
Bonus points for experience with any of the technologies below:
Kali Linux
Metasploit
Python Impacket
CobaltStrike
Burp Suite or OWASP ZAP
Nessus
Nuclei
OpenVAS
Automatic exploitation tools
What we offer:
Partner with enthusiastic and talented colleagues and industry leaders who are compelled to do good in the world
Opportunity to be a part of the creation of new products poised to revolutionize an industry
A collaborative and empathy-led culture that takes security seriously
Experienced leadership team and fast growth opportunities
Remote-first culture, flexible work schedules, and exciting perks
Generous benefits program offering Health, Vision, Dental, Life Insurance, etc.
Salary Range: 100k - 130k + equity. Exact compensation will vary based on skills and experience.
We are an equal opportunity employer and do not discriminate against otherwise qualified applicants on the basis of race, color, gender, religion, sex (including gender identity and sexual orientation), national origin, disability, veteran status, age, marital status, pregnancy, or any other protected group status as defined by the law. If you need assistance or accommodation due to a disability, you may contact us at people@inspectiv.com.