Back to search
New York Technology Partners Linkedin · Posted today

Penetration Tester

Chicago, Illinois, United States

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Job Title #1: Associate Principal, Adversarial Red Team

Location: Chicago, IL (Onsite – Hybrid - 3 days in a week)

Position Type: Fulltime permanent position


Responsibilities:

Primary Duties and Responsibilities:

  • To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
  • Execute comprehensive Red Team simulations including network/application penetration testing, cloud security, social engineering, physical security, mobile testing, and OSINT within defined rules of engagement.
  • Develop and deploy Command and Control (C2) infrastructure using evasion and obfuscation techniques to test and enhance Cyber Defense detection capabilities.
  • Leverage AI/LLM tooling to accelerate offensive research, exploit development, and overall Red Team effectiveness.
  • Conduct ad-hoc white-box testing on pre-production and in-development infrastructure, and validate remediated findings with IT owners.
  • Perform threat modeling, security risk assessments, and independent reviews of CLIENT’S's security, network, and applications.
  • Develop clear, evidence-based reports with actionable remediation recommendations and debrief stakeholders on findings.
  • Ensure security controls and testing activities align with applicable regulations, industry best practices, and CLIENT’S policies and procedures.
  • Cross-train Red Team members and other Security/IT teams on adversarial threats, attack vectors, and remediation strategies.
  • Stay current on emerging threats, threat intelligence, and attack techniques, advising IT leadership on mitigation approaches.
  • Support audits, contribute to security roadmap development, and mentor team members while fostering a collaborative team environment.
  • Perform other duties as assigned.


Technical Skills:

  • Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing
  • Demonstrated exploit, payload, and attack framework development experience
  • Strong knowledge of EDR detection capabilities such as Crowdstrike/Carbon Black, etc. and associated defense evasion techniques for behavioral based alerting
  • Strong working knowledge of Artificial Intelligence (AI) large language models (LLMs) and agentic AI systems – including how autonomous and tool-usig agents, orchestration frameworks, and protocols like Model Context Protocol (MCP) operate – and the ability to evaluate how these technologies can accelerate offensive security tradecraft across reconnaissance, exploit and payload development, adversarial tooling development, and enhance triaging for security findings.
  • Strong proficiency in social engineering and intelligence gathering.
  • Strong experience with custom scripting (Python, Powershell, Bash, etc.) and process automation.
  • Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).
  • Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nighthawk, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.).
  • Track record of vulnerability research and CVE assignments
  • Knowledge of Windows APIs and Living off the Land (LOL) Binaries
  • Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
  • Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio).
  • Proficient in basic document management in a Microsoft SharePoint environment.
  • Experience with dedicated document management tools (e.g., DMS, PolicyTech) is a plus.
  • Experience with using ServiceNow is a plus.


Education and/or Experience:

  • BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required
  • 3+ Years’ experience of Penetration testing
  • 5+ Years’ experience in Information Assurance or Cybersecurity work environments


Certificates or Licenses:

  • Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.
Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent