Pentesting/ethical Hacker

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.

We're not your traditional audit firm — we're tech-enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.

Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.

If you're a driven sales professional who thrives on building relationships, driving growth, and being part of a high-performance global team — this is your opportunity to sell trust, innovation, and impact with one of the most exciting firms in the audit industry.

**JOB RESPONSIBILITIES**

**Key Responsibilities**:

- Act as a primary point of contact between penetration testing teams, internal stakeholders, and external clients.
- Coordinate and schedule penetration testing engagements, ensuring alignment with business objectives and regulatory requirements.
- Maintain documentation related to penetration testing activities, including scope definitions, engagement tracking, and risk assessments.
- Ensure all penetration testing reports and findings are effectively communicated to relevant teams and stakeholders.
- Monitor and schedule remediation efforts following penetration tests and track progress until closure.
- Prepare and deliver final pentest reports to clients.
- Assist in the development and refinement of penetration testing policies, procedures, and methodologies.
- Support compliance efforts by ensuring testing activities align with frameworks such as SOC2, NIST, ISO 27001, PCI DSS, and other relevant regulations.
- Collaborate with cybersecurity, IT, and development teams to integrate security best practices into the software development lifecycle (SDLC).
- Identify and escalate operational challenges, process gaps, or resource needs related to penetration testing activities.
- Provide reporting and metrics on penetration testing engagements, including key performance indicators (KPIs) and remediation progress.

**Required Skills & Qualifications**:

- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- 3+ years of experience in penetration testing coordination, cybersecurity operations, or a related role.
- Familiarity with penetration testing methodologies (OWASP, PTES, NIST SP 800-115, etc.).
- Strong understanding of vulnerability management and risk assessment principles.
- Excellent communication and stakeholder management skills, with the ability to translate technical findings into business impact.
- Experience with penetration testing tools such as Burp Suite, Metasploit, Nessus, Active Directory, Bloodhound, netexec, certipy, kali Linux, python, bash, recon, OSINT, VPN, cloud Azure, AWS, and GPC. Code review and Nmap are a plus.
- Experience with project management software, such as Asana or others.

Strong organizational skills and ability to manage multiple testing engagements simultaneously.
- Certified in any of the following: CPTS, PNPT, CBBH, CRTO, CEH, CAPE, Security+
- Bilingual in Spanish is a plus.

**B**enefits**
- Flexible Paid Time Off and paid holidays
- Performance Bonuses
- 100% Remote

**Privacy Notice CCPA**:

- _Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process. _
- _Insight Assurance does not sell personal data/information under any circumstances. _

**Privacy Notice GDPR**:

- We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S._
- The categories of Personal Data under Processing consist of:_
- _Identification_
- _Contact_
- _Education and Professional_
- _Interview performance_
- _Evaluation_
- You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:_
- **_Right of Access_**_ - meaning getting information about the Personal Data under Processing by us, except for the information you already know;_
- **_Right of Erasure_**_ - you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;_
- **_Right of Opposition or Restriction of Processing_**_ - you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;_
- **_Rectification _**_- you can rectify your Personal Data at anytime_