More jobs:
AVP, Penetration Tester
Job in
Fort Mill, York County, South Carolina, 29715, USA
Listed on 2026-07-09
Listing for:
LPL Financial LLC
Full Time
position Listed on 2026-07-09
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Job Overview
As a member of the Cyber Security team, the Senior Penetration Tester, Offensive Security, is responsible for the scheduling, scoping, and execution of internal penetration testing, with a primary focus on web, mobile, cloud, API, and AI‑enabled applications. This individual contributor role performs advanced manual penetration testing to validate the security of company resources. The position serves as the primary point of contact for assigned testing initiatives and partners closely with stakeholders across the organization to identify security weaknesses, recommend mitigation strategies, and validate remediation efforts across LPL applications and platforms.
Responsibilities- Partner with product and technology stakeholders to drive end‑to‑end penetration testing activities, including collaboration with Security Architects throughout the SDLC to identify and address security issues prior to production deployment
- Conduct tactical penetration testing assessments of web, mobile, and API applications against OWASP Top 10 threats and emerging risks, and collaborate with Application Security teams to provide actionable feedback and recommendations, including opportunities to expand automated and AI‑assisted testing capabilities
- Perform security assessments of internal and external networks, infrastructure, cloud environments, and a wide range of internally developed and commercial products
- Apply creative and analytical thinking to bypass security controls, identify vulnerabilities, and develop practical remediation guidance; stay informed on evolving tactics, techniques, and procedures (TTPs), zero‑day vulnerabilities, and mitigation strategies
- Develop or modify custom tools and scripts to support new penetration testing needs, automation, and AI‑assisted testing approaches
- Document and formally report testing scope, methodology, findings, risk ratings, remediation recommendations, and validation results in a clear and concise manner
- Present testing results to technology and business partners, clearly communicating risk, impact, and remediation guidance in an accessible and collaborative way
- Lead execution of assigned penetration testing initiatives, including status communication to leadership and coordination with stakeholders
- Oversee communication, tracking, and retesting of findings to validate successful closure of previously identified issues
- Assist with validation and triage of submissions from the company’s Vulnerability Disclosure Program and Bug Bounty programs
- 8+ years of experience conducting application, API, and network‑based penetration testing engagements
- 6+ years of experience troubleshooting tools, manually identifying vulnerabilities in code, and rewriting code to remediate security issues
- 3+ years of experience leading penetration testing engagements from scoping through reporting and remediation validation
- 1+ year of experience testing AI, LLM, or Generative AI‑enabled applications
- 1+ year of experience using AI models (such as Claude or similar) to accelerate tool development or testing workflows
- Advanced knowledge of security assessment tools and frameworks, such as Burp Suite, Kali Linux, Nessus, Accunetix, Metasploit, Auto Sploit, Cobalt Strike, MITRE ATT&CK, MITRE ATLAS, OWASP Top 10 (including OWASP Top 10 for LLMs)
- Advanced proficiency in one or more programming or scripting languages, such as .NET, JavaScript, Python, Java, Power Shell, Perl, Ruby, Bash, or similar
- Advanced knowledge of Linux, macOS, and Windows operating systems, as well as AWS and Azure cloud environments and cloud‑native services (e.g., containers, Kubernetes, microservices, serverless functions)
- Experience performing reverse engineering on mobile applications, including those with obfuscation or anti‑emulation protections
- Effective written and verbal communication skills, with the ability to collaborate with technical and non‑technical stakeholders
- Organized approach to managing multiple testing efforts and deliverables
- A natural curiosity for exploring, testing, and understanding security controls and how they can be improved
- Bachelor’s degree or equivalent experience in…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×