Bishop Fox
201 - 500 employees
Founded 2007
🔒 Cybersecurity
💰 $46M Series B on 2022-11
Cybersecurity
Bishop Fox is a leader in offensive security, offering a range of continuous security solutions to protect dynamic attack surfaces. Their services include attack surface management, application penetration testing, cloud security assessments, network security, and more. They focus on proactive defense strategies, subjecting clients' networks to real-world attack scenarios to bolster security resilience. Bishop Fox collaborates with major partners like Google, Facebook, and Amazon, ensuring robust security solutions for complex ecosystems. Their commitment to advancing security is rooted in innovative research and collaboration with the broader cybersecurity community.
Cloud Penetration Tester
🕒 May 8
📊 Check your resume score for this job
Improve your chances of getting an interview by checking your resume score before you apply.
Bishop Fox
201 - 500 employees
Founded 2007
🔒 Cybersecurity
💰 $46M Series B on 2022-11
Cybersecurity
Bishop Fox is a leader in offensive security, offering a range of continuous security solutions to protect dynamic attack surfaces. Their services include attack surface management, application penetration testing, cloud security assessments, network security, and more. They focus on proactive defense strategies, subjecting clients' networks to real-world attack scenarios to bolster security resilience. Bishop Fox collaborates with major partners like Google, Facebook, and Amazon, ensuring robust security solutions for complex ecosystems. Their commitment to advancing security is rooted in innovative research and collaboration with the broader cybersecurity community.
📋 Description
• Perform hands-on security testing • Analyze application behavior • Review source code • Identify realistic exploitation scenarios • Validate security controls across modern architectures • Work closely with clients and internal teams to deliver high-quality technical assessments and actionable remediation guidance
🎯 Requirements
• 4+ years of experience in application security assessments, penetration testing, or offensive security engagements • Strong understanding of application security fundamentals, modern attack techniques, and common vulnerabilities affecting web applications, APIs, mobile applications, and cloud-native environments • Hands-on experience testing REST APIs, including authentication/authorization flaws, IDORs, injection vulnerabilities, session management issues, and business logic flaws • Strength with AWS services and cloud security concepts, including IAM, STS, S3, Lambda, API Gateway, CloudTrail, CloudWatch, and secure communication patterns such as SigV4 • Solid understanding of networking and web fundamentals, including HTTP/HTTPS, TCP/IP, DNS, API communication flows, cookies, headers, and related concepts • Experience reviewing source code for security issues in Java, C#, and Python applications • Knowledge of secure coding principles and common risks such as SSRF, insecure deserialization, injection vulnerabilities, sensitive data exposure, and insecure cloud integrations • Understanding of SDLC, CI/CD pipelines, and secure development practices • Experience using security assessment and code review tools such as Burp Suite, Semgrep, Git, AWS CLI, and API testing/debugging tools • Comfortable working across Linux, Windows, and macOS environments • Experience or strong interest in AI/LLM security, including prompt injection, RAG risks, insecure integrations, excessive permissions, and the OWASP Top 10 for LLM Applications • Strong written and verbal communication skills, with the ability to deliver clear, actionable findings and communicate technical risks to both technical and executive stakeholders • Experience following structured testing methodologies, documentation standards, and validation/retesting workflows • Strong collaboration and interpersonal skills when working with security, engineering, and client teams • Ability to manage multiple concurrent engagements while maintaining high-quality deliverables and attention to detail • Curious, adaptable, and professional mindset with a passion for continuous learning and emerging security trends
🏖️ Benefits
• Generous Time Off and Company-Wide Holidays • Team Events and International Travel Opportunities • Work From Home Support • Training Budget • Saving Fund • Food Coupons • Health and Wellbeing programs
Apply NowSimilar Jobs
🕒 May 7
Talent Attraction Specialist working with clients and recruiters to find top-notch talent for various roles. Engage in innovative sourcing strategies and maintain strong candidate relationships focusing on quality assurance and regulatory.
🕒 May 6
QA Engineer responsible for quality assurance in SaaS products, focusing on AI technologies. Collaborate with teams to implement automated testing and quality standards.
🗣️🇪🇸 Spanish Required
Cypress
GraphQL
JavaScript
Python
Selenium
🕒 May 4
Quality Assurance Document Review Specialist supporting an AI platform in the oil and gas industry. Validating AI-generated outputs for accuracy and compliance standards while working remotely.
🕒 May 2
Senior Quality Engineer focusing on AI-first testing for software solutions at Peek. Collaborating with product teams to refine processes and improve software quality.
🇲🇽 Mexico – Remote
💵 $1M - $1.1M / year
💰 $80M Series C on 2021-11
⏰ Full Time
🟠 Senior
🔧 QA Engineer (Quality Assurance)
🕒 April 30
UAT Tester conducting user acceptance testing collaborating with cross-functional teams to ensure systems meet requirements. Key role in identifying defects and ensuring software quality.
🇲🇽 Mexico – Remote
💰 Post-IPO Equity on 2018-05
⏰ Full Time
🟡 Mid-level
🟠 Senior
🔧 QA Engineer (Quality Assurance)
🗣️🇪🇸 Spanish Required
