Role & seniority: Cloud Penetration Tester (experienced; mid-senior level; 3–5 years in offensive security)

Stack/tools: Google Cloud Platform; cloud/ network offensive toolkits; scripting/programming (Python, PowerShell, C#, Go); report writing; TTP development

Top 3 responsibilities

Execute cloud penetration tests against GCP environments
Develop innovative TTPs for cloud testing; create narrative findings-based reports
Collaborate with clients on remediation strategies; act as technical SME for internal cloud questions; QA and process documentation

Must-have skills

3–5 years offensive security/penetration testing in GCP and external/internal networks
Recognized pentest qualifications (GXPN, OSCP, OSCE, etc.)
Cloud security/configuration review experience; proficiency with cloud/workstation offensive toolkits
Strong communication, presentation, and writing abilities
Knowledge of cloud misconfigurations, IAM security fundamentals, external/internal cloud attack surfaces

Nice-to-haves

Programming in Python, PowerShell, C#, or Go
Web app pentesting experience; research on new cloud services to identify misconfigurations
Experience documenting tools, white papers, blogs; contributions to the security community
Location & work type: Not specified in the description; location and work-type details not provided

Full Description

NetSPI® pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modern pentesting. Combining world-class security professionals with AI and automation, NetSPI delivers clarity, speed, and scale across 50+ pentest types, attack surface management, and vulnerability prioritization. The NetSPI platform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss. Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide, NetSPI has been driving security innovation since 2001. NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers. We are seeking an experienced professional with demonstrated technical depth and breadth in Cloud Penetration Testing as well as the soft skills to effectively communicate with executive and technical teams. In this role, you'll have the ability to work alongside a world-class team using top-tier custom tools. Applicants are expected to leverage strong problem-solving skills, as well as lead, collaborate, and innovate to deliver high-quality exercises and exceptional experiences for our customers.

Responsibilities

Execute cloud penetration tests against Google Cloud Platform environments.
Develop innovative TTPs in support of Cloud testing.
Create attack narratives and findings-based penetration test reports for clients.
Collaborate with clients to create remediation strategies that will help improve their security posture.
Act as a resource for internal team members as it relates to in-depth technical questions or best practices in Cloud.
Assist in QA review of Cloud engagements.
Help define and document internal processes and TTPs.
Contribute to the information security community through the development of tools, presentations, white papers, and blogs.

Minimum Qualifications

Bachelor's degree or higher with a concentration in computer science, engineering, math, IT, or equivalent experience.
3 - 5 years experience performing offensive/attack-oriented penetration tests against GCP environments and External/Internal networks.
Recognized Penetration Testing specific qualifications such as GXPN, OSCP, OSCE, or similar certifications.
Strong communication, presentation, and writing skills.
Experience performing security focused cloud configuration reviews.
Experience with offensive toolkits for both cloud and network penetration testing.

Senior Security Consultant (Cloud Penetration Testing - GCP)