Senior Cybersecurity Engineer

Senior Cybersecurity Engineer

Penetration Testing and Managed Security Operations 

Who is TrustNet? 

TrustNet is a leading cybersecurity and digital trust service provider for mid-size and large organizations worldwide. We seek a dynamic and professional team player within our service delivery team. In this role, you will work with a diverse team of professionals to solve interesting technical challenges. This is a high-visibility and high-impact role with excellent growth opportunities. 

About the Role

Are you passionate about offensive security and real-world cyber defense? Do you thrive on uncovering vulnerabilities before attackers do? If you are looking for a challenging role where you can leverage your penetration testing expertise while also playing a critical role in a managed security operations environment, this is the perfect opportunity! 

As a Cybersecurity Engineer, you will be at the frontline of cybersecurity, executing sophisticated penetration tests and red team assessments while helping defend organizations by analyzing, detecting, and responding to threats in a managed security environment. This dual role allows you to attack and defend, sharpening your offensive and defensive security expertise. 

Key Responsibilities 

Penetration Testing and Offensive Security 

• Conduct advanced penetration tests on web applications, APIs, networks, cloud environments, and mobile applications. 
• Simulate real-world cyberattacks using red teaming and adversary emulation techniques. 
• Develop and execute custom exploits to assess an organization’s security resilience. 
• Perform social engineering assessments, including phishing, pretexting, and physical security tests. 
• Conduct source code reviews for security flaws and misconfigurations. 
• Document findings in detailed reports with actionable remediation guidance for clients. 
• Stay ahead of the latest vulnerabilities, attack methodologies, and hacking tools. 

Managed Security and Defensive Operations 

• Monitor and analyze security events from SIEM, EDR, IDS/IPS, and other security tools. 
• Investigate and respond to security incidents containing threats before they escalate. 
• Hunt for threats using anomaly detection, behavioral analytics, and threat intelligence. 
• Tune security monitoring tools to reduce false positives and improve threat detection. 
• Provide detailed reports on security events, investigations, and incident response actions. 
• Develop and implement playbooks for security incident response and threat mitigation. 
• Ability to work with and communicate with clients’ technical teams to advise and help resolve detected issues.

Technical Skills Required 

Penetration Testing and Ethical Hacking 

• Strong knowledge of penetration testing methodologies (OSSTMM, PTES, OWASP) 
• Experience with tools such as OWASP ZAP, Metasploit, Cobalt Strike, OpenVAS, Nessus, and NMap. 
• Proficiency in scripting and automation (Python, PowerShell, Bash, Ruby) 
• Expertise in web application security (SQLi, XSS, CSRF, SSRF, IDOR, RCE) 
• Knowledge of Active Directory attacks (kerberoasting, pass-the-hash, golden ticket, etc.) 
• Understanding of cloud security testing (AWS, Azure, GCP misconfigurations, identity abuse) 
• Familiarity with wireless security assessments and Bluetooth/NFC hacking 

Managed Security and Defensive Operations 

• Experience with SIEM platforms (LevelBlue AlienVault USM Anywhere, Splunk, QRadar, ELK Stack, Microsoft Sentinel) 
• Proficiency in EDR and XDR solutions (CrowdStrike, SentinelOne, Microsoft Defender) 
• Strong knowledge of log analysis, threat hunting, and forensic investigation 
• Incident response experience, including malware analysis and memory forensics 
• Understanding of security frameworks (MITRE ATTandCK, NIST CSF, CIS Controls) 
• Experience with automation and SOAR (Security Orchestration, Automation, and Response) 

What Makes This Role Exciting? 

• Red Team Meets Blue Team: You’ll get the best of both worlds—testing security defenses AND improving them.
• Challenging Engagements: Work on complex cybersecurity projects for top-tier organizations.  Access to Cutting-Edge Tech: Work with the latest security tools and offensive and defensive security techniques. 
• Continuous Learning: Stay ahead in the field with training, certifications, and research opportunities. 
• Work with Elite Experts: Join a team of skilled, ethical hackers, SOC analysts, and threat hunters. 
• Real Impact: Help organizations strengthen their security posture and protect against real-world cyber threats.

What education and certification you will need 

• Bachelor's or master's degree in computer science or a related field. 
• Preference for technical certifications (Not Required but a Plus)   
  • OSCP, OSWE, or OSEP (Offensive Security)   
  • GPEN, GWAPT, or GCIH (GIAC Certifications)   
  • CRTO (Certified Red Team Operator) 
  • CISSP, CISM, or CISA (General Cybersecurity)   
  • Azure/AWS/GCP Security Certifications   

What experience is required 

• Minimum of 8 years of experience delivering cybersecurity and penetration testing services.
• Exceptional English written language and verbal communication skills
• Thrives on collaboration in a fast-paced, high-growth work environment.
• Strong technical understanding of network, cybersecurity, and pen testing.
• Excellent team player 
• Exceptional communication and interpersonal skills.
• Competence in managing confidential and highly sensitive information
• Ability to manage multiple projects simultaneously.

What knowledge and skills you will need 

What we offer

• Work culture: A highly collaborative, supportive, and diverse working ethos.
• Compensation:
  • Competitive salary that takes skills and experience into consideration. 
  • Quarterly performance bonuses that reward excellence and achievement  
• Freedom: Fully remote role with flexible working hours and adjustable work/life balance. We don't micromanage. We trust you to do your thing and do it well. 
• Flexible hours: We mainly serve clients in the USA. Core collaboration hours are 2 PM to 11 PM (PHT). 
• Work from home: No more commuting to work. Just keep your workspace professional. 
• Professional Development: We collaborate with you to grow your skills and push you forward. Continuous learning opportunities to stay up to date with the latest industry trends.
• Technologies: Learn how to use the latest technologies
• Benefits:
  • Employee and family health insurance covered 
  • Paid sick leave, mental wellness leave, national holidays, and vacation
  • Wellness reimbursement: We help pay for your gym membership, running shoes, yoga mat, vitamins, or anything that keeps you fit and healthy
  • Training: company paid technical and business training 
  • Entrepreneurship: We embrace innovative ideas and people who have the drive.
  • Regular company-sponsored virtual social events and paid meals 
    
     

Industry

• Cybersecurity, IT Services, SaaS

Employment Type

• Full-time

   

Job Functions 

• Cybersecurity