Senior Security Consultant; Mainframe Penetration Tester

Position: Senior Security Consultant (Mainframe Penetration Tester)
NetSPI® pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modern pentesting. Combining world-class security professionals with AI and automation, NetSPI delivers clarity, speed, and scale across 50+ pentest types, attack surface management, and vulnerability prioritization. The NetSPI platform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss.

Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide, NetSPI has been driving security innovation since

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at

Join the mission as a Senior Security Consultant. We are seeking a skilled and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting Mainframe testing, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.

Responsibilities:

• Perform app, platform, CICS, Db2 or other z/OS-based penetration tests.

• Create and deliver penetration test reports to clients

• Collaborate with clients to create remediation strategies that will help improve their security posture

• Research and develop innovative techniques, tools, and methodologies for penetration testing services

• Participate in the ongoing development/enhancement of NetSPI services and processes, in addition to thought leadership (via blogs, presentations, white papers, webinars, podcast, vlogs and tweets)

• Provide pre-sales support by assisting with scoping prospective engagements

• Act as a resource for internal team members as it relates to in-depth technical questions or best practices

• Responsible for QA activities in assigned service lines

• Other duties as assigned

Minimum Requirements:

• Bachelor's degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience

• 3-5 years of experience in penetration testing, including network, web or mobile application testing

• Experience with offensive toolkits used for network and application penetration testing

• Strong communication skills, both verbal and written

• Knowledge of z/OS fundamentals including, but not limited to: JCL, JES2, USS, Networking and at least one ESM (RACF, ACF2, Top Secret).

Preferred Qualifications:

• Programming experience in one or more of the following languages:
  Assembler, C, C++, REXX

• Experience security or managing z/OS-based systems.

• Experience with pentesting (PTAS) or other offensive security certifications.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.