Security Analyst- Pen Testing (Remote - US)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Analyst - Pen Testing in the United States.In this role, you will play a critical part in strengthening the organization's security posture by identifying vulnerabilities across software and hardware systems. You will conduct in-depth assessments, including SAST, DAST, SCA, and hardware penetration testing, providing actionable insights and recommendations to mitigate risk. This role involves collaborating with engineering teams and clients to implement secure designs, supporting red team/blue team exercises, and contributing to the development of security testing methodologies. You will translate complex technical findings into clear reports for both technical and non-technical stakeholders. The position requires staying current on emerging threats, tools, and techniques while contributing to internal knowledge-sharing initiatives. This role offers a challenging, dynamic environment for skilled security professionals committed to advancing cybersecurity practices.Accountabilities: Conduct comprehensive SAST, DAST, and SCA assessments for web, mobile, desktop, and API-based applications Perform hardware penetration testing on embedded systems, IoT devices, and industrial control systems, including firmware analysis and secure boot review Develop and maintain threat models, attack trees, and risk assessments for both software and hardware Identify and exploit vulnerabilities using manual and automated techniques, simulating real-world attack scenarios Provide detailed technical reports and executive summaries tailored to developers, engineers, and leadership Collaborate with product and engineering teams to prioritize vulnerabilities and implement secure design and coding recommendations Lead or support red team/blue team exercises, tabletop simulations, and incident response drills Develop and implement security testing methodologies, checklists, and SOPs, and evaluate security tools for integration into CI/CD pipelines Engage with clients to define testing scopes, deliver high-quality consulting services, and ensure compliance with legal, ethical, and organizational guidelinesRequirements Bachelor's degree in computer science, cybersecurity, or related field, or significant equivalent experience Minimum of three years' experience as a Pen Tester in diverse technical environments (software and hardware) Professional certifications such as CEH, OSCP, CISSP, CHSP, or CMWAPT are a plus Proficiency with penetration testing tools including Burp Suite, ZAP, Nessus, Binwalk, and Ghidra Hands-on experience with mobile application testing on Android and iOS platforms Strong knowledge of threat modeling, attack trees, risk assessments, and real-world exploitation techniques Excellent verbal and written communication skills for reporting to technical and executive audiences Ability to manage time effectively, handle multiple priorities, and present findings clearly in virtual or in-person environments Willingness to travel 4-6 times per year (up to 24 days) and reside in eligible U.S. statesBenefits Comprehensive health care coverage including medical, dental, and vision Retirement plans (401k, IRA) with employer contributions Life insurance (basic, voluntary, AD&D) and long-term disability Paid time off including vacation, sick leave, and public holidays Family leave (maternity and paternity) Professional training and development opportunities Remote work flexibility with support for work-life balance Collaborative and inclusive company cultureJobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience and achievements.📊 It compares your profile to the job's core requirements and past success factors to determine your match score.🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role.Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.Thank you for your interest!