Senior Specialist, MAST Application Penetration Tester KPMG LLPSenior Specialist, MAST Application Penetration TesterSeattle, WAFull timeOne or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA). If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
Manager, Cyber Assessment (Penetration Testing) KPMG LLPManager, Cyber Assessment (Penetration Testing)Seattle, WAFull timeExperience with common and emerging security threats, scanning tools, and assessment methodologies and demonstrated experience and understanding of security principles, IT security controls and related technologies and products; strong verbal/written communication, problem solving, analytical and independent judgment skills to support an environment driven by customer service and teamwork. Bachelor's degree from an accredited college or university is preferred; minimum of a high school diploma or GED is required; relevant certifications such as GPEN, OSCP, OSCE, CISSP, or similar are highly preferred; Certifications in Azure a plus.
Specialist, Security Tester KPMG LLPSpecialist, Security TesterSeattle, WAFull timeMinimum one year of recent experience performing application and/or network penetration tests using tools such as AppScan, NetsSparker, Acunetix, BurpSuite, OWASP ZAP, Tenable Nessus, Qualys, Kali Linux, Metasploit, or equivalent; minimum one year of recent experience working with technical and non-technical audiences in reporting results and leading remediation conversations. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
Senior Penetration Tester Robinhood Markets IncSenior Penetration TesterBellevue, WA$187,000–$220,000 / yearWorking knowledge of cryptocurrency and blockchain security: custody and signing flows, wallet and key-management design, on-chain integrations, and misuse patterns specific to digital-asset movement (transfer validation, replay, signature handling, bridge/staking integrations). Our team goes beyond simply finding issues-we take pride in fixing what we find, contributing to long-term improvements, and proactively helping teams build safer systems from the start.
Security Engineer - Penetration Testing- Cybersecurity Costco Wholesale CorpSecurity Engineer - Penetration Testing- CybersecurityIssaquah, WA5+ years' experience with assessing APT threats, penetration testing, vulnerability management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threat Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and verification of new APT TTPs. Works with Incident Response team as necessary to consult on discovered security incidents by informing appropriate custodians, determining root cause, and actions (if necessary) required to re-establish respective information system security.
Cyber Threat Detection - Active Defense Analyst EYCyber Threat Detection - Active Defense AnalystSeattle, WA$128,100–$239,600 / yearCommunicate with server owners, system custodians, and IT contacts to pursue security testing activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Create presentations in MS Word, PowerPoint, and/or Excel that support findings + Maintain, manage, improve and update security testing process and protocol documentation + Assist in analyzing findings, and develop fact based reports + Identify means to disrupt attacker actions, and enhance defender response capabilities. + Global mind-set for working with different cultures and backgrounds + Demonstrated integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities + Teaming skills as well as ability to work independently on taskings + Good social, communication, and writing skills + Qualifications, Certifications and Education requirements: + Associates Degree and/or any of the following certifications: GPEN, CISSP, Security+, GCIH, OSCP, GCFE, CFCE, other relevant GIAC certs.
Associate or Experienced Product Security Engineer BoeingAssociate or Experienced Product Security EngineerEverett, WashingtonThe Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. Possess one or more security certifications, including but not limited to: CISSP; Security+; CEH; CCNA; UNIX/LINUX System Administration; GIAC GPEN, GWAPT, or GXPN; Offensive Security Certified Engineer (OSCE); Offensive Security Certified Professional (OSCP).
Information Security Architect I Valley Medical CenterInformation Security Architect IRenton, WAJob Qualifications: PREREQUISITES: Education: Master''s degree in computer science related field, OR Bachelor''s degree in computer science related field plus one (1) year industry related experience, OR Associate''s degree in computer science related field plus two (2) years industry related experience, OR three (3) years industry related experience. PREREQUISITES: Education: Master''s degree in computer science related field, OR Bachelor''s degree in computer science related field plus one (1) year industry related experience, OR Associate''s degree in computer science related field plus two (2) years industry related experience, OR three (3) years industry related experience.
Associate Product Security Engineer The Boeing CoAssociate Product Security EngineerSeattle, WA$108,800–$147,200 / yearThe Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. Basic Qualifications (Required Skills and Experience): Bachelor of Science degree in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, Chemistry or non-US equivalent qualifications directly related to the work statement.
Experienced Product Security Engineer The Boeing CoExperienced Product Security EngineerSeattle, WA$137,700–$186,300 / yearThe Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. Preferred Qualifications (Desired Skills and Experience): Experience in engineering discipline(s) (e.g., electrical, mechanical, software engineering) applied to product related systems (e.g., aircraft, avionics systems) throughout the product development life cycle, from concept development to deployment.
Senior Adversary Operations Engineer CVS HealthSenior Adversary Operations EngineerOlympia, WA$83,430–$222,480 / yearEducation** + Bachelor's degree or equivalent experience (High School Diploma and 4 years relevant experience) **Anticipated Weekly Hours** 40 **Time Type** Full time **Pay Range** The typical pay range for this role is: $83,430.00 - $222,480.00 This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. Leveraging threat intelligence and continuously refining adversary tradecraft, the role ensures testing remains aligned with evolving attacker behavior while supporting incident investigations and post-event analysis contributing to a more resilient, intelligence-driven security program.
Staff Engineer - Red Team (AI) GEICO GENERAL INSURANCE COMPANYStaff Engineer - Red Team (AI)Seattle, WA$110,000–$260,000 / yearSuccess in this role means you can champion operations end-to-end: shape the scope and objectives, define safety controls and deconfliction, build or tailor emulation plans, execute advanced operator tradecraft in authorized environments, and deliver clear findings mapped to TTPs, telemetry gaps, and detection opportunities. Partner with defenders: work directly with Detection Engineering, Threat Intelligence, and Risk Management to validate telemetry coverage, tune detections, improve response playbooks, and close visibility gaps.
Senior Manual Ethical Hacker Bank of AmericaSenior Manual Ethical HackerSeattle, WARequired Skills: + **Minimum of 5+ years of** **professional** **pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment** + Detailed technical knowledge in at least 5 of the following areas: + security engineering + application architecture + authentication and security protocols + application session management + applied cryptography + common communication protocols + mobile frameworks + single sign-on technologies + exploit automation platforms + Web APIs + Cloud environments + LLM security + Mobile application analysis + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with DAST and SAST tools to identify vulnerabilities + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques. Senior Manual Ethical Hacker Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Charlotte, North Carolina; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Denver/Senior-Manual-Ethical-Hacker\_26001764) **Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.**
Manual Ethical Hacker Bank of AmericaManual Ethical HackerSeattle, WAManual Ethical Hacker Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Charlotte, North Carolina; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Denver/Manual-Ethical-Hacker\_26000923) **Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.** Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing + Perform assessments of the security, effectiveness, and practicality of multiple technology systems + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security.
Senior Offensive Security Engineer - Pentester Bank of AmericaSenior Offensive Security Engineer - PentesterSeattle, WASenior Offensive Security Engineer - Pentester Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Charlotte, North Carolina; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Denver/Senior-Full-Stack-Pentester\_26001769) **Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.** + Must be able to effectively code in a programming or scripting language (Python, Java, C#, etc.) Desirable Skills: + Certifications: OSCP, GPEN, GXPN, OSED, OSEP, OSWE, OSCE, GWAPT + Ability to work remotely if/when necessary + Previous experience working in the financial industry + Experience with hardware hacking, embedded systems analysis, and IoT hacking This job will be open and accepting applications for a minimum of seven days from the date it was posted.
Offensive Security Analyst EYOffensive Security AnalystOlympia, WA$76,400–$138,600 / yearStrong attention to detail with a methodical approach to identifying complex attack paths + Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context + Ability to manage high volumes of testing requests without compromising depth or quality + Flexibility to work across diverse technologies, including cloud, applications, and infrastructure + Effective communication skills to convey technical findings to both technical and non-technical audiences + Familiarity with research techniques and threat intelligence to support proactive risk identification **To qualify for the role you must have** + A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security + Hands-on experience testing applications, APIs, cloud environments, and network infrastructure + Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques + Familiarity with offensive security methodologies and frameworks + Experience supporting or performing third-party risk assessments + Strong analytical and problem-solving skills with the ability to prioritize risks effectively + Strong communication and stakeholder management skills **Ideally, you'll also have** + Certifications such as OSCP, GPEN, GWAPT, or equivalent offensive security credentials **What we look for** We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business's externally-exposed vulnerabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com .
Product Security Engineer Overland AIProduct Security EngineerSeattle, WashingtonDirect experience with the Department of Defense (DoD) Risk Management Framework (RMF), NIST 800-53, CNSSI 1253, and documenting security controls for Authority to Operate (ATO) or Authority to Connect (ATC) packages in eMass. As a compliance leader, you will map and implement controls aligned with CSEIG v3.0, DISA STIGs, and NIST 800-53/171, preparing the necessary documentation and evidence to support customer ATO and ATC efforts.