Senior Penetration Tester- AWS- Remote (Anywhere in the U.S.)

We are seeking a highly skilled Senior Cloud Security Penetration Tester with strong AWS expertise to join our Threat & Attack Simulation team. In this role, you will lead cloud penetration testing engagements, focusing on network penetration testing and assumed breach scenarios to validate real-world risks in cloud environments. You will work as part of a supportive 3-person project structure, serving as either the lead consultant (primary performer) or providing technical oversight, depending on the engagement. The ideal candidate will combine technical excellence with outstanding communication skills and demonstrate initiative in driving security improvement efforts.

• Lead cloud penetration testing engagements with a focus on AWS environments
• Perform network penetration testing and assumed breach scenarios to validate security risks
• Execute real-world attack simulations to demonstrate the impact of cloud misconfigurations
• Develop and implement sophisticated testing methodologies for cloud environments using tools like ScoutSuite, Prowler, CloudMapper, and Pacu
• Author comprehensive client deliverables including executive summaries, detailed technical reports, and remediation recommendations
• Present findings and recommendations to technical and non-technical stakeholders
• Stay current with emerging cloud security threats, attack vectors, and defensive strategies
• Collaborate with internal teams and peers to continually improve testing methodologies and tooling

• 3-5 years of experience in cloud security penetration testing, with strong emphasis on AWS environments
• Demonstrated expertise in network penetration testing and assumed breach methodologies
• In-depth understanding of cloud architecture, security controls, and attack vectors
• Experience with cloud-specific security testing tools (ScoutSuite, Prowler, CloudMapper, Pacu)
• Experience in writing clear, actionable security reports for both technical and executive audiences
• Excellent verbal communication skills for client presentations and stakeholder interactions
• Strong initiative and self-direction, with ability to lead complex security engagements
• OSCP certification or equivalent demonstrable penetration testing experience

• AWS security certifications (AWS Certified Security - Specialty, etc.)
• Experience with multi-cloud environments (AWS, Azure, GCP)
• Knowledge of containerization technologies and serverless security testing
• Familiarity with compliance frameworks (SOC2, PCI-DSS, HIPAA, etc.)
• Familiarity with LLM/Agentic tools to improve efficiency
• Experience developing custom tools or scripts for cloud security testing
• Background in red teaming or adversary simulation

• 100% remote work with minimal travel requirements
• Opportunity to work with diverse, high-profile clients including Fortune 500 companies and government agencies
• Opportunity to lead high-impact security engagements across various industries
• Collaborative environment working alongside cloud security experts within our Threat & Attack Simulation team
• Clear progression opportunities serving as both lead consultant and technical oversight roles
• Continuous learning and professional development opportunities

You'll report to a team lead and work within our proven 3-person engagement model that includes a lead consultant (primary performer), technical oversight consultant, and managing consultant for escalation support. This structure ensures quality delivery while providing mentorship opportunities and collaborative problem-solving.

This role requires a dynamic security professional who can independently drive engagements while delivering exceptional client value through practical, real-world security testing and clear communication of findings.