×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant

Lead Cybersecurity Specialist; Pentesting Onsite NY

Job in New York City, Richmond County, New York, 10261, USA
Listing for: Estreetsecurity
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant
Salary/Wage Range or Industry Benchmark: 185000 - 200000 USD Yearly USD 185000.00 200000.00 YEAR
Job Description & How to Apply Below
Position: Lead Cybersecurity Specialist (Pentesting) (Permanent – Onsite – New York, NY)

An opportunity has come through our network for a Lead Cybersecurity Specialist (Pentesting) at one of NYC’s top law firms. This permanent position
, based onsite in New York, NY
, offers a competitive salary ranging from $185,000 – $200,000 annually
. This role is pivotal in safeguarding the organization’s digital infrastructure through proactive monitoring, threat detection, and advanced penetration testing of both cloud and on‑premises environments. You’ll also support broader security operations and contribute to the deployment and maintenance of critical cybersecurity technologies across the firm.

What You’ll Be Doing:
Orchestrating Proactive Security and Threat Detection

As a Lead Cybersecurity Specialist with a strong focus on penetration testing, you will be at the forefront of the firm’s defense strategy. Your responsibilities will blend hands‑on technical execution with strategic analysis and cross‑functional collaboration to proactively identify and mitigate security risks.

  • Monitor and Analyze Security Alerts and Logs: You will meticulously monitor and analyze security alerts and logs from a wide array of sources. This includes data from SIEM
    , DLP
    , IDS/IPS
    , antivirus software
    , firewalls
    , and various system logs
    . Your keen analytical skills will enable you to detect suspicious activity, anomalies, and potential threats to the firm’s digital infrastructure.
  • Conduct Manual and Automated Penetration Testing: You will lead the charge in conducting both manual and automated penetration testing across the firm’s diverse digital assets. This encompasses rigorous assessments of web applications
    , APIs
    , networks
    , cloud platforms
    , and mobile environments
    . Your hands‑on testing will simulate real‑world attacks to uncover vulnerabilities and assess risk exposure, providing a clear picture of the firm’s exploitable weaknesses.
  • Simulate Real-World Attack Scenarios: A critical aspect of your role will be to simulate real‑world attack scenarios to uncover vulnerabilities and comprehensively assess the firm’s risk exposure. This proactive approach goes beyond basic scanning, diving deep into potential attack paths that might bypass standard defenses, thereby enhancing the firm’s overall resilience against sophisticated cyber threats.
  • Develop Scripts and Automation Tools: You will actively develop scripts and automation tools specifically designed to support testing and remediation efforts. This involves coding custom scripts (e.g., in Python
    , Power Shell
    ) to automate vulnerability validation, streamline repetitive testing tasks, and facilitate the efficient remediation of identified security flaws, thereby increasing the effectiveness and scalability of the security team.
  • Participate in Red Team Operations and Threat Modeling: You will be a key participant in red team operations
    , simulating adversarial tactics to test the firm’s defensive capabilities. You’ll also contribute to threat modeling exercises
    , identifying potential threats and vulnerabilities in systems from a design perspective. Furthermore, you will engage in collaborative purple team exercises
    , working with defensive teams to improve detection and response mechanisms based on offensive simulations.
  • Assist in Configuring, Maintaining, and Troubleshooting Security Tools: You will provide crucial assistance in configuring, maintaining, and troubleshooting security tools and platforms
    . This includes ensuring that various cybersecurity solutions (e.g.,
    SIEM
    , EDR
    , vulnerability scanners) are optimally configured, regularly updated, and functioning effectively to provide continuous protection and accurate threat intelligence.
  • Enhance Monitoring Capabilities and Contribute to Framework: You will play a vital role in continuously enhancing monitoring capabilities across the firm’s digital infrastructure. This involves identifying gaps in current monitoring, recommending new data sources, and helping to implement advanced detection mechanisms. You will also contribute to building and maintaining a robust continuous security monitoring framework
    , ensuring constant vigilance over the firm’s security posture.
  • Collaborate on Cybersecurity Initiatives: You…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search