Vancord is actively seeking a dedicated Security Engineer with a specialization in penetration testing to strengthen our Offensive Security team. Ideal candidates have expertise in identifying and exploiting vulnerabilities to enhance security measures. If you are passionate about pushing boundaries through ongoing training, engaging in new projects, and interacting with clients to meet security goals, this role is perfect for you.

About Vancord:

Vancord provides managed services in both infrastructure and security spaces; as a member of the security engineering team, you will be involved in the project pipeline from presales engineering and project scoping, to testing, and final delivery of high-quality services and reports for both technical and executive audiences.

Responsibilities:

• Perform in-depth penetration tests on a wide range of digital infrastructures, including web applications, mobile applications, and network systems, to identify vulnerabilities.

• Create detailed reports outlining the methods used and the implications of the findings, proposing actionable mitigation strategies.

• Evaluate and analyze results from security assessments of cloud infrastructure and services such as AWS, Azure, Microsoft 365, Google Workspaces, etc.

• Create and deliver technical finding reports that clearly and effectively communicate findings and their impact.

• Create playbooks and repeatable processes to ensure consistency of execution and distribution of knowledge.

• Provide guidance and mentorship for junior members of Vancord and our partner teams.

• Interface with clients and staff with professionalism and an overall positive attitude

• Keep abreast of the latest in penetration testing methodologies and tools to continually refine testing strategies.

Required Qualifications:

• The applicant must demonstrate experience in cybersecurity, with a strong emphasis on penetration testing. We are interested in skillset and expertise, not necessarily longevity in the field.

• Demonstrate ability to perform penetration testing initiatives and provide valuable, actionable insights.

• A track record of self-education and an ability to adapt comfortably to change is necessary.

• Familiarity with vulnerability scanning/management tools such as Nessus, Qualys, etc.

• Experience in scripting and programming (Python, Bash, PowerShell) for automation, application, or exploit development.

• Experience with Windows and Linux/Unix operating systems. Comfortable performing tasks from within a command line interface (Bash, PowerShell, etc.)

• Excellent communication and technical writing skills

• Strong problem-solving skills and attention to detail

• Remote candidates must have a stable internet connection and dedicated workspace to hold customer and internal meetings. Candidates will be expected to appear on camera during these meetings.

Nice to haves:

• Relevant infrastructure, cloud, or security certifications that align with industry expectations. Offensive security focused certifications such as OSCP, CEH, PNPT, HTB CPTS, etc.

• A background in software development at any scale.

• A background in managing server infrastructure, designing/deploying campus sized networks, or a history of cloud infrastructure management.