Security Assurance Penetration Tester
$71.6k - $119.4kElsevier
Are you a collaborative Penetration Tester looking to work for a mission driven global organization? About the role - This role supports the offensive security function within Elsevier's Security Engineering team. You will perform hands-on security testing and peer review activities, validate vulnerabilities and security controls, and support the automation of security assurance processes. This is a hands-on role for a motivated security professional eager to grow in a collaborative, fast-paced environment. About the team - The Security Assurance team supports the third-party penetration testing program, security control validation, and ongoing offensive security testing activities. Responsibilities Tracking and triaging findings from third-party assessments, ensuring timely follow-up and remediation tracking. Collaborating with development, platform, and product teams to communicate findings, track remediation efforts, and improve overall security posture. Facilitating post-assessment reviews and lessons learned sessions with development teams to identify recurring security issues and promote secure development practices. Maintaining program documentation, test records, and reporting artifacts. Conducting penetration testing of web applications, APIs, cloud environments, and internal systems, escalating complex testing scenarios as needed. Performing peer review of penetration testing deliverables, including test plans, findings, and final reports. Participating in scoping exercises and contributing to the selection of appropriate testing methodologies. Supporting security assessments of GenAI-powered applications and features, including LLM integrations, RAG pipelines, and AI agents. Assisting in testing for AI-specific vulnerabilities such as prompt injection, jailbreaking, insecure output handling, model data leakage, and training data poisoning. Contributing to the development of internal GenAI security testing checklists and methodologies, aligned with frameworks such as OWASP Top 10 for LLMs. Requirements Experience in information security, penetration testing, or a related field. Experience or coursework in software development, DevOps, or scripting is highly desirable. At least one relevant security certification (e.g., Security+, eJPT, PNPT, CEH, or equivalent) preferred; advanced offensive security certifications such as OSCP are a plus. Foundational understanding of web application architecture, networking, and operating system security. Familiarity with common penetration testing tools (e.g., Burp Suite, Nmap, Metasploit, Nuclei, or equivalent). Working knowledge of OWASP Top 10, common CVEs, and vulnerability scoring frameworks (CVSS). Scripting ability in at least one language (Python, Bash, PowerShell, or similar); development experience is a strong plus. Basic understanding of cloud environments (AWS, Azure, or GCP) and associated security considerations. Exposure to SAST/DAST tools and secure code review practices is desirable. Awareness of GenAI security risks (prompt injection, LLM abuse, insecure AI integrations) Elsevier is a renowned global information analytics company that primarily focuses on providing scientific, technical, and medical (STM) research content, tools, and services. It is one of the largest publishers of academic journals and scholarly literature in the world. Elsevier operates in various domains, including science, technology, medicine, social sciences, and more. They publish a vast number of peer-reviewed journals covering a wide range of disciplines. These journals act as platforms for researchers and academics to share their findings and contribute to the advancement of knowledge in their respective fields. In addition to publishing, Elsevier offers a suite of digital solutions and services to support researchers, scientists, and professionals in their work. They provide online platforms like ScienceDirect, Scopus, and Mendeley, which offer access to a vast repository of scholarly articles, research papers, and other scientific content. These platforms often serve as essential resources for software developers seeking to stay updated with the latest scientific advancements. U.S. National Base Pay Range: $71,600 - $119,400. Geographic differentials may apply in some locations to better reflect local market rates. If performed in Colorado, the base pay range is $71,600 - $119,400.If performed in New York, the base pay range is $78,700 - $131,400.If performed in New York City, the base pay range is $85,900 - $143,300.If performed in Rochester, NY, the base pay range is $71,600 - $119,400.If performed in New Jersey, the base pay range is $84,546 - $135,054. This job is eligible for an annual incentive bonus. Application deadline is 09/10/2026. We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits. Click here to access benefits specific to your location. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact View phone number on click.appcast.io. Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here. Please read our Candidate Privacy Policy. We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. USA Job Seekers: EEO Know Your Rights. Elsevier is a global leader in advanced information and decision support for science and healthcare. We believe that by working together with the communities we serve, we can shape human progress to go further, happen faster, and benefit all. We support continuous discovery and uphold the highest standards of content integrity, reliability, and reproducibility so the communities we serve can advance their field of science, healthcare or innovation with confidence. By combining high-quality content with powerful analytics, we transform complexity into clarity and deliver mission-critical insights that help professionals make better decisions when it matters most. We deliver insights that help research institutions, governments, and funders achieve their goals. We help researchers discover and share knowledge, collaborate, and accelerate innovation. We help librarians provide verified, quality information to universities. We help innovators turn knowledge into new products. We help health professionals improve patient care and educators train the next generation of doctors and nurses. Connecting quality content and innovative technologies, we make progress go further and happen faster. And by championing inclusion and sustainability, we ensure progress benefits all. With 9,500 employees, over 2,300 technologists in 5 major tech hubs, and more than 60 locations across the globe, we are committed to supporting the scientific and healthcare communities around the world. We offer a diverse range of opportunities across technology, commercial, business, and early career jobs. If you are looking for a career that inspires progress in science, innovation and health, and allows you to grow every day, find your team at Elsevier. Elsevier is part of RELX Group. Let’s shape progress together. Join us. elsevier.com/about/careers
- ...implementation of in-house and cloud-based information systems, and enterprise software architectures that support the bank's information security operations functions. This role performs feedback and recommendation in the evaluation and selection of technologies, ensuring...SuggestedRemote work
$115k - $150k
...Hagerty Consulting, Inc. (Hagerty) is the nation's leading emergency management and homeland security consulting firm. Known for its public spirit, innovative thinking, problem-solving, and exceptional people, Hagerty is sought after to work on some of the largest and...SuggestedPermanent employmentTemporary workLocal areaImmediate startRemote workFlexible hours- ...POA&M tracking activities, supporting remediation efforts and preparation of recurring cybersecurity scorecard data. - Monitor security tools and alerts, performing initial triage and escalating issues in accordance with defined processes. - Maintain and update incident...SuggestedMinimum wageContract workTemporary workWork experience placementRemote work
- ...We have an outstanding Contract position for aSenior Security Engineer to join a leading Company located in theClarksburg, WVsurrounding area. US Citizenship is required. Candidate must possess an Active Top Secret/SCI Security Clearance. The Senior Security...SuggestedContract workFor contractorsLocal area
$184k - $230k
...Datavant is the data collaboration platform trusted for healthcare. Guided by our mission to make the world’s health data secure, accessible and actionable, we provide critical data solutions for organizations across the healthcare ecosystem - including providers, health...SuggestedRemote work- ...We provide high quality resources for a wide range of IT and security solutions at best-value pricing. Our success is built on a solid... ...of professional experience in cybersecurity, information assurance, or related technical roles Experience with cybersecurity frameworks...Temporary workWork at office
$90k - $110k
...United States Suitability/Public Trust Fully remote Cyber Security Services Overview GovCIO is currently hiring for an Information Systems Security Officer (ISSO) to support our client's contract needs. The ISSO ensures the confidentiality, integrity, and...Full timeContract workCurrently hiringRemote workFlexible hours- ...environments - Strong attention to detail and ability to work in structured, compliance-driven environments - Familiarity with network security concepts, including firewalls, access control, and traffic monitoring - Experience or exposure to vulnerability management,...Minimum wageContract workTemporary workWork experience placementRemote work
$84.63k - $112.84k
...AI‑powered world, connecting people, data, and applications through our expansive fiber network and connected ecosystem. We enable secure, high‑performance connectivity across cloud, edge, and AI workloads for enterprises, governments, and communities. At Lumen, you’ll...Contract workTemporary workRemote work$121.4k - $218.6k
...Join our Networks SQA team! Our Networks Software Quality Assurance (SQA) team ensures our global platform's reliability by testing... ...help the giants of the digital world work faster and stay more secure, making the internet a better experience for everyone. Our focus...Work experience placementWork at officeWorldwide- ...services and solutions to mission‑critical US Government programs and the Intel Community. Position Location: Remote Who are you? Security-cleared Professional: An active DOD Secret Clearance is required to be considered for this position. Education and Experience: You...Temporary workWork at officeRemote work
$70.66k - $77.05k
...like you who are eager to contribute to our critical Homeland Security missions. For the Department of Homeland Security (DHS), Office... ...existing system in addition to coordinating with developer and tester personnel Implement Scrum/Agile project lifecycle approach to software...Contract workTemporary workWork at officeImmediate startRemote workWorldwideFlexible hours£70k - £80k per year
...risk, cloud, data, APIs, AI, systems change & wider IT controls. The role would suit someone from an IT audit, technology risk or IT assurance background who is comfortable leading audits independently & applying judgement rather than taking a checklist‑led approach. You...Permanent employment- ...conjunction with skills in systems administration, network administration, and control system security to operate, maintain, sustain, upgrade, and troubleshoot systems and components to assure and maintain reliable operation and compliance with Navy and NAVFAC IT and OT policy...Contract workWork at officeRemote work
$110k
...Job Description We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data...Full time$150.2k - $225.4k
...About the team: The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives... ...modeling, secure code review, vulnerability management, and penetration testing ~ Proven track record of utilizing frontier models...Work experience placementLocal areaRemote workShift work$112k - $142k
...mission software, applications, and technology platforms remain secure, maintainable, and compliant with federal regulations... ...analysis experience specializing in application security, software assurance, or cloud security within a federal environment. Proven experience...$71.4k - $133.8k
...and system improvements. Develop and implement user and data security enhancements to improve Cascade data integrity and security.... ...information, and processes to perform their duties in a manner that assures safety for themselves, their co-workers, our customers and the...Full timeContract workWork experience placementH1b$78.9k - $123.3k
...system authorization and continuous monitoring activities within a Federal environment. This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal cybersecurity requirements, and maintaining...Permanent employmentFull timePart timeWork at officeLocal areaRemote work$55k - $95k
...user base. Services: Strategy, Architecture, Planning, and Procurement Business Enablement Business Solutions Project Assurance About the Role Join our forward-thinking team as a full-time System Integration Business Analyst to help drive innovative...Full timeFor contractorsH1bLocal areaRemote workFlexible hours- ...Tygart is seeking a Information Systems Security Officer (ISSO) to support a DOJ office in Clarksburg, WV. The ideal candidate will have hands-on experience in information security, a strong technical background in networking, system administration, and development,...Work at officeLocal area
$170.6k - $390k
...the best place in the world to grow your career in information security! The opportunity The Senior Network Security Architect... ...tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector...Summer holidayRemote workFlexible hours- ...Virginia is seeking an IT support professional responsible for managing and troubleshooting computer systems and maintaining network security. The ideal candidate will possess an Associate's degree, relevant experience, and a valid driver's license. The role includes...
$87.7k - $164k
...Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting,...Summer holidayLocal areaFlexible hours- A healthcare services company is seeking a Revenue Cycle EDI Systems Analyst in Charleston, West Virginia. This role involves optimizing revenue cycle systems, ensuring compliance with regulations, and analyzing data for decision-making. The ideal candidate has over 3 ...Remote work
$102.17k
...clients across the country. Job Description Join the Trinnex Security Team as a Senior Cyber Security Analyst, where you will operate... ...determination. Design and execute vulnerability assessments, penetration tests, and simulated attack scenarios across infrastructure and...H1b$120k - $150k
...Datavant is the data collaboration platform trusted for healthcare. Guided by our mission to make the world’s health data secure, accessible and actionable, we provide critical data solutions for organizations across the healthcare ecosystem - including providers, health...- ...potentially programming support. - Identify, track, manage, and communicate risks and issues with stakeholders and upper management. - Assure the project is in compliance with company standards and procedures. Job-Specific Essential Duties and Responsibilities:...Minimum wageFull timeContract workTemporary workWork experience placementWork at officeRemote work
$92.49k - $102.79k
...mitigates potential cyber threats. Minimum/General Experience 3 years of experience supporting incident response in an enterprise-level Security Operations Center (SOC). Minimum Education Bachelor's degree in computer science, cybersecurity, information technology or related...Permanent employmentTemporary workLocal areaShift work- ...Tygart is seeking a Cyber Security Analyst to support a DOJ office in Clarksburg, WV. The ideal candidate must possess a current a Top-Secret clearance. Key Responsibilities Support ISSOs in the evaluation of delivered software for security and compliance. Conduct dynamic...Work at officeLocal area
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Assurance Penetration Tester. Be the first to apply!


