Offensive Security Specialist

🔥 0 minutes ago

🏄 California – Remote

🏄 California – Remote

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

DeepSeas

WebsiteLinkedInAll Job Openings

201 - 500 employees

Founded 30 years

🔒 Cybersecurity

🏢 Enterprise

Cybersecurity • Enterprise

DeepSeas is a leading Managed Detection & Response (MDR) provider that specializes in transforming cybersecurity programs for various industries. Their offerings include CISO Advisory, Managed Detection & Response, and Offensive Security & Attack Surface Management. DeepSeas excels in areas such as cloud defense, ransomware protection, and critical infrastructure security. They provide solutions for cybersecurity transformation, including under vCISO services, pen testing, and AI risk management. DeepSeas is ranked as a top global MDR provider and is praised for its rapid and meaningful outcomes in enhancing cybersecurity measures across financial, healthcare, manufacturing, and pharmaceutical sectors.

📋 Description

• Conduct internal and external network penetration tests including enumeration, exploitation, lateral movement, and post-exploitation within defined scope. • Perform web application assessments aligned to OWASP Top 10 and API security testing standards. • Conduct basic cloud security assessments (AWS, Azure, GCP) including misconfiguration identification, IAM review, and exposed services enumeration. • Support AI/LLM security assessments including prompt injection, model abuse scenarios, and OWASP LLM Top 10 coverage under senior guidance. • Produce complete, client-ready findings reports with clear technical narratives, reproduction steps, risk ratings, and remediation guidance. • Participate in client kick-off calls and debrief walkthroughs, communicating findings professionally to technical and non-technical stakeholders. • Maintain accurate engagement documentation, time tracking, and artifact organization in project management systems. • Pursue continuous development through assigned training, lab environments, and certification advancement. • May be required to travel up to 50% of the time. • Must be a US Citizen.

🎯 Requirements

• 1–3 years of professional penetration testing or applied offensive security experience; strong candidates with equivalent demonstrated skills will be considered. • Hands-on penetration testing certification preferred. Examples include PNPT (TCM Security), OSCP (Offensive Security), CompTIA PenTest+, or eWPT/eJPT with demonstrated experience. • Proficiency with standard toolsets: Nmap, Metasploit, Burp Suite, Nessus/OpenVAS, BloodHound, or equivalents. • Solid understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, AD, VPNs) and common vulnerability classes. • Familiarity with at least one scripting language (Python, Bash, or PowerShell) for basic automation and tooling. • Exposure to cloud platforms (AWS, Azure, or GCP) and awareness of common cloud misconfiguration patterns. • Strong written communication with the ability to produce accurate, professional-quality findings documentation.

🏖️ Benefits

• Understanding and following DeepSeas’s information security policies and procedures. • Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’s information security. • Actively participating in DeepSeas’s efforts to maintain and improve information security. • DeepSeas considers this position is as Moderate Risk with a potential to view/access/download restricted/private client/internal data. • This information must be treated with sensitivity and in the most secure manner. • HR reserves the right to perform random background/drug screens to ensure the safety of client/DeepSeas data