Penetration Tester, Web/Mobile Apps and Cloud Services
TP-Link · Irvine, CA · 5 mo ago
Information Technology$80k–$132k/yrFull-time
About the role
TP-Link Systems Inc. is seeking a skilled and proactive Penetration Tester, Web/Mobile Apps and Cloud Services to support our cloud service projects under the guidance of senior team members. This role is designed for candidates with a foundational technical background in cybersecurity, particularly in cloud environments.
Key Responsibilities
- Perform penetration testing on cloud services, web applications, and APIs to identify vulnerabilities.
- Provide remediation recommendations and write detailed penetration test reports.
- Perform threat modeling to identify and evaluate potential risks for specific cloud components and web applications.
- Support cloud and web application incident response, including investigation, containment, remediation, and post-incident analysis.
- Cook up with cross-functional teams to ensure effective resolution.
- Cloud security configuration: Analyze cloud security configurations and identify misconfigurations that could lead to vulnerabilities.
- Develop security tools: Assist in developing various pen-testing tools, automated testing platforms, and scripts to enhance testing efficiency and accuracy for cloud environments.
- CI/CD Security Integration: Participate in the development and improvement of the company's CI/CD security processes, ensuring security considerations are integrated throughout the development lifecycle.
- Interpret cloud security standards and regulatory requirements, supporting implementation of security requirements.
Requirements
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
- Proven 1-3 years experience as a Security Engineer (Cloud & Web) or in a similar role.
- Strong knowledge of web application security, cloud security concepts, API security, and common vulnerabilities (OWASP Top 10).
- Experience with security tools such as Burp Suite, OWASP ZAP, Nmap, Kali, Nessus, Metasploit, etc.
- Capability to optimize penetration testing tools and automation strategies for cloud environments.
- Ability to analyze SAST results and identify false positives.
- Proficient in at least one programming language (e.g., Python, JavaScript, Bash, or PowerShell).
- Familiarity with major cloud platforms (AWS, Azure, GCP) and their security controls.
- Relevant security certifications (e.g., CEH, OSWP, etc.) are highly preferred.
- Published CVEs are highly preferred.
Soft Skills
- Strong communication and interpersonal skills.
- Ability to work independently as well as collaborate with cross-functional teams.
- Strong willingness to learn, able to work under guidance and take constructive feedback.
- Team-oriented mindset, with the ability to follow technical direction and contribute constructively to group tasks.
- Attention to detail and systematic approach to problem solving.
Benefits
- Salary range: $80,000-$132,000
- Full paid medical, dental, and vision insurance (partial premium coverage for dependents)
- Employer quarterly contributions to 401k funds
- 15 days accrued vacation
- 11 paid holidays
- Bi-annual reviews, and annual pay increases
- Health and wellness benefits, including free gym membership
- Quarterly team-building event