Security Engineer | Web Application Penetration Testing (Remote)

Who is Trace3

Trace3 is a leading Transformative IT Authority providing unique technology solutions and consulting services to our clients. Equipped with elite engineering and dynamic innovation we empower IT executives and their organizations to achieve competitive advantage through a process of Integrate Automate Innovate.

Our culture at Trace3 embodies the spirit of a startup with the advantage of a scalable business. Employees can grow their career and have fun while doing it!

Trace3 is headquartered in Irvine California. We employ more than 1200 people all over the United States. Our major field office locations include Denver Indianapolis Grand Rapids Lexington Los Angeles Louisville Texas San Francisco.

Ready to discover the possibilities that live in technology

Come Join Us!

StreetSmartThriving in Dynamic Times

We are flexible and resilient in a fastchanging environment. We continuously innovate and drive constructive change while keeping a focus on the big picture. We exercise sound business judgment in making highquality decisions in a timely and costeffective manner. We are highly creative and can dig deep within ourselves to find positive solutions to different problems.

Juice The Stuff it takes to be a Needle Mover

We get things done and drive results. We lead without a title empowering others through a cando attitude. We look forward to the goal mentallymapping outevery checkpoint on the pathway to success and visualizing what the final destination looks and feels like.

Teamwork Humble Hungry and Smart

We are humble individuals who understand how our job impacts the companys mission. We treat others with respect admit mistakes give credit where its due and demonstrate transparency. We bring the weather by exhibiting positive leadership and solutionfocused thinking. We hug people in their trials struggles and failures not just their success. We appreciate the individuality of the people around us.

About the Role:

The Offensive Security Engineer will perform offensive security campaigns for our clients to improve their ability to protect detect and respond to known adversaries. This position will reduce cyber risk by uncovering vulnerabilities and weaknesses in our clients enterprise cyber environment through coordinated ethical hacking and penetration testing scenarios. The Engineer will work closely with team members to execute and report on sophisticated ethical hacking exercises to identify cyber vulnerabilities and reduce the risk posture of enterprise systems. This role will be primarily responsible for performing application and OS security assessments and will make recommendations on effective countermeasures. A key function of this role will be building deep relationships gaining trust and enabling client success.

What Youll Do:

• Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party using opensource custom and commercial testing tools
• Conducts WebApp penetration tests over a variety of products.
• Report generation that clearly communicates testing and assessment details results and remediation recommendations to clients
• Develop scripts tools and methodologies to automate and streamline internal processes and engagements
• Conduct IT application testing cybersecurity tool and systems analysis system and network administration and systems engineering support for the sustainment of information technology systems
• Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyberattacks including response and recovery of a data security breach
• Maintain a firm grasp on the industry and anticipate trends and movements while balancing maturity and timing
• Contribute to Trace3s presence and brand in the Security community

Qualifications & Interests:

• Bachelors degree in Engineering in Computer Science or Information Technology or a related technical field; or equivalent related professional experience
• OSCP eCPPT eWPT PNPT OSWE or other equivalent certification(s) is a huge plus
• Through understanding of one or more Unix/Linux/Mac/Windows operating systems
• 23 years experience in at least three of the following:
  • Red Team penetration test tools such as Kali ParrotOS Bloodhound MetaSploit BurpSuite OWASP Zap etc
  • Network penetration testing and manipulation of network infrastructure
  • Web application assessments (Mobile application testing a plus)
  • Shell scripting or automation of simple tasks using Perl Python Go Powershell or Ruby
  • Developing extending or modifying exploits shellcode or exploit tools
  • Developing applications or scripts in C# ASP .NET ObjectiveC Go Java (J2EE) Python or Ruby
• Experience with at least one or more of the major cloud providers (AWS Azure and GCP)
• Strong knowledge of tools used for web application and network security testing
• Strong knowledge of current web application structure and strong ability to test both modern and older web applications
• Motivated selfstarter who loves to solve challenging problems and feels comfortable working directly with customers
• Excellent oral written communication and presentation skills with an ability to present client security sessions and security workshops to CLevel Executives and nontechnical audience
• Highly organized detailoriented excellent time management skills and able to effectively prioritize tasks in a fastpaced highvolume and evolving work environment
• Ability to approach customer and sales requests with a proactive and consultative manner; listen and understand user requests and needs and effectively deliver
• Comfortable managing multiple and changing priorities and meeting deadlines in an entrepreneurial environment
• Ability to travel when needed

The Perks

• Comprehensive medical dental and vision plans for you and your dependents
• 401(k) Retirement Plan with Employer Match 529 College Savings Plan Health Savings Account Life Insurance and LongTerm Disability
• Competitive Compensation
• Training and development programs
• Stocked kitchen with snacks and beverages
• Collaborative and cool culture
• Worklife balance and generous paid time off

Our Commitment

At the core of Trace3s DNA is our people. We are a diverse group of talented individuals who understand the importance of teamwork and demonstrating leadership character and passion in all that we do.

Were committed to fostering an inclusive workplace where everyone feels respected valued and empowered to grow. We recognize that embracing diversity drives innovation improves outcomes fosters collaboration boosts teammate satisfaction and builds a more inclusive culture.

As an equal opportunity employer Trace3 bases all employment decisions based on individual qualifications merit and business requirements. We do not engage in discrimination on the basis of race color religion sex (including gender identity sexual orientation and pregnancy) national origin age (40 or older) disability genetic information or any other characteristic protected by federal state or local law.

Any demographic information provided is strictly voluntary kept confidential in accordance with Equal Employment Opportunity (EEO) regulations and will not be used in employment decisions including hiring promotions or mentorship programs. We are committed to providing equal employment opportunities for all.

If you require a reasonable accommodation to complete the application process or participate in an interview please email.

***To all recruitment agencies:Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.