Senior Penetration Testing Specialist
🇺🇸 United States
Consulting
Management
Python
AWS
GCP
Azure
GraphQL
Finance
Machine Learning
CPA
Sales
Cybersecurity
Devops
SQL
Testing
Security Engineer
$100,000 - $130,000
Senior Penetration Testing Specialist
from 🇺🇸 United States
$100,000 - $130,000
Aprio is a top 20 CPA-led advisory firm that is passionate about "what’s next." We are proud to be a “Best Place to Work” and have the highest ranking on Glassdoor among the top 50 public accounting firms. We are headquartered in Atlanta, GA, with over 1,200+ team members working in offices and virtually across the U.S. and internationally. Aprio serves national and international clients doing business in 50 countries with team members that speak more than 30 languages. Â
Aprio’s IAS team serves leading technology service providers, from disruptive start-ups to global market leaders.
- We have great people dedicated to delivering a great client service experience,Â
- We are information security and compliance experts,Â
- We are committed to fostering a startup environment where teammates are rewarded for having a growth mindset.
- Contribute to cutting-edge initiatives as we expand into CMMC, FedRAMP, PCI SSF, and work around other high performers developing custom software security solutions, offering opportunities to tackle unique security challenges in high-stakes, regulated industries.
- Work on diverse, high-impact projects across a number of teams and industries and take on the opportunity to build a team around you over time.
- Access unparalleled professional development through training, certifications, and hands-on experience with emerging technologies, ensuring you stay ahead in the rapidly evolving cybersecurity landscape.
- Enjoy a collaborative, innovative culture with competitive salary, comprehensive benefits, and flexible work arrangements, fostering both personal and professional growth.
Qualifications:
You are a great candidate for this role if you:
- Have experience with cloud infrastructure offensive security assessments (e.g., AWS, Azure, GCP), web application and API penetration testing, and traditional network penetration testing
- Are proficient in developing assessment documentation and documenting the results of your work
- Are familiar with penetration testing requirements for common security compliance frameworks (e.g., FedRAMP, PCI DSS, PCI SSF)
- Experience with Red-Team and Purple-Team engagements is a huge plus.
Candidates interested in the Role should possess the following:
- Minimum of 5 years' experience in penetration testing or a related cybersecurity role, with a focus on network, cloud infrastructure, web application, and API testing.
- Expertise in network penetration testing, including assessment of protocols (e.g., TCP/IP, DNS, VPN), firewalls, and intrusion detection/prevention systems.
- Hands-on experience with cloud security testing in platforms such as AWS, Azure, or GCP, and their cloud native solutions.
- In-depth knowledge of web application penetration testing, covering OWASP Top 10 vulnerabilities (e.g., SQL injection, XSS, CSRF) and secure coding practices.
- Â Strong proficiency in API security testing, including REST, SOAP, and GraphQL, with experience in identifying issues like broken authentication, excessive data exposure, and injection flaws.
- Familiarity with common penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and Kali Linux.
- Experience with scripting languages (e.g., Python, Bash, PowerShell) for automating tests or developing custom exploits.
- Understanding of secure development lifecycle (SDLC) and DevSecOps practices to integrate security into CI/CD pipelines.
- Strong analytical and problem-solving skills, with the ability to think like an attacker and identify complex attack chains.
- Excellent communication skills to articulate technical findings to both technical and non-technical stakeholders in verbal and written form.
- Bonus – OSCP, OSWE, CRTP, and other certifications that require hands on skills application to obtain are a huge plus.



