Cybersecurity Specialist

Principal Penetration Tester Job Description

We are seeking a highly skilled Principal Penetration Tester to join our cybersecurity team at HealthEquity. This role involves proactive identification and mitigation of vulnerabilities in our customer-facing SaaS applications.

Key Responsibilities:
Perform thorough penetration testing on applications, networks, systems, and infrastructure.
Simulate real-world attacks to identify vulnerabilities and risks.
Conduct risk assessments and vulnerability analysis, providing detailed reports that outline findings, severity, and remediation recommendations.
Lead and participate in advanced Red Team exercises to test an organization's security readiness against sophisticated attacks.
Build, modify, and customize tools/scripts for specific penetration testing scenarios.
Generate comprehensive reports that explain the vulnerabilities found, their potential impact, and recommended remediation strategies.
Work closely with IT, development, and operations teams to communicate vulnerabilities and guide remediation efforts.
Stay up-to-date on the latest threats, vulnerabilities, and security technologies.
Continuously research new attack techniques and defense strategies.
Mentor junior team members, providing guidance and sharing knowledge of best practices and cutting-edge techniques.

Requirements:
Proven experience in penetration testing, particularly on SaaS applications.
Familiarity with solutions like Burp Suite, Metasploit, and OWASP Top 10.
Strong understanding of web application security and common vulnerabilities.
Ability to think like an attacker and approach testing with a black box mentality.
Ability to chain multiple exploits together to demonstrate complex attack scenarios.
Excellent problem-solving skills and attention to detail.
Strong communication skills, with the ability to explain complex security issues to non-technical stakeholders.

This is a remote position with a salary range of $135,000.00 to $200,000.00/year.

---