What are the responsibilities and job description for the Volunteer Senior Penetration Testing Engineer position at Menzies Philanthropic Foundation?
Job Title : Senior Penetration Testing Engineer
Reports to : Governance, Risk, and Compliance Lead
Location : Remote (WFH)
About the Organization :
Menzies Philanthropic Foundation is a non-profit organization deeply committed to global orphanage support, guided by the Menzies 5 Keys of Needs. Our overarching mission is to lead the way in creating eco-regenerative conscious communities, serving as secure sanctuaries for orphans and vulnerable families. With a focus on addressing trauma and promoting holistic healing, we strive to foster environments where individuals can thrive and flourish.
As part of the Menzies Mission Non-profit Organization, My Source Network stands as an innovative digital platform dedicated to holistic healing. By connecting individuals with a diverse network of practitioners and resources, we facilitate access to various healing modalities and transformative events. Our platform empowers users to embark on personalized wellness journeys, fostering growth and well-being in every individual we serve.
Join our team and help us create exceptional digital experiences for our users!
Job Overview :
As a Senior Penetration Testing Engineer, you will be a key member of our innovative security team, dedicated to simulating real-world cyber-attacks. Your mission is to identify and exploit security vulnerabilities, mimicking the tactics, techniques, and procedures (TTPs) used by actual adversaries. This role involves performing advanced penetration testing across web applications, networks, and wireless systems, as well as contributing to the automation of security tasks. You will work closely with clients and internal teams to ensure robust security defenses, helping to protect our organization’s digital assets.
Key Responsibilities :
- Conduct advanced web application, network, and wireless penetration testing at scale.
- Identify newly exploitable systems and vulnerabilities, utilizing the latest attack vectors and techniques.
- Develop and execute payloads and command-and-control (C2) infrastructure that bypass defenses.
- Simulate real-world adversary tactics and techniques, demonstrating impact through post-exploitation activities.
- Design and conduct large-scale social engineering tests using the latest techniques and tools.
- Manage the full lifecycle of security projects, including client interactions, reporting, and presentations.
- Contribute to the development of automated security tools and infrastructure, collaborating with development teams.
- Utilize and maintain expertise in advanced penetration testing tools such as Burp Suite Pro, Nessus, Metasploit, and CobaltStrike.
- Work with cloud platforms (e.g., AWS) and automation tools (e.g., Terraform, GitLab pipelines).
Skills and Qualifications :
Preferred Qualifications :
Equal Opportunity Employer :
Menzies Philanthropic Foundation is committed to diversity, inclusion, and equal opportunity. We welcome applicants from all backgrounds and do not discriminate based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, veteran status, or any other characteristic protected by law. Accommodation for the application process is available upon request.
