Offensive Security Specialist

Department: Offensive Security

Location: Remote - United States

• Conduct internal and external network penetration tests including enumeration, exploitation, lateral movement, and post-exploitation within defined scope
• Perform web application assessments aligned to OWASP Top 10 and API security testing standards
• Conduct basic cloud security assessments (AWS, Azure, GCP) including misconfiguration identification, IAM review, and exposed services enumeration
• Support AI/LLM security assessments including prompt injection, model abuse scenarios, and OWASP LLM Top 10 coverage under senior guidance
• Produce complete, client-ready findings reports with clear technical narratives, reproduction steps, risk ratings, and remediation guidance
• Participate in client kick-off calls and debrief walkthroughs, communicating findings professionally to technical and non-technical stakeholders
• Maintain accurate engagement documentation, time tracking, and artifact organization in project management systems
• Pursue continuous development through assigned training, lab environments, and certification advancement
• May be required to travel up to 50% of the time.
• Must be a US Citizen.
  
  
  
  

• 1–3 years of professional penetration testing or applied offensive security experience; strong candidates with equivalent demonstrated skills will be considered.
• Hands-on penetration testing certification preferred. Examples include PNPT (TCM Security), OSCP (Offensive Security), CompTIA PenTest+, or eWPT/eJPT with demonstrated experience
• Proficiency with standard toolsets: Nmap, Metasploit, Burp Suite, Nessus/OpenVAS, BloodHound, or equivalents.
• Solid understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, AD, VPNs) and common vulnerability classes.
• Familiarity with at least one scripting language (Python, Bash, or PowerShell) for basic automation and tooling.
• Exposure to cloud platforms (AWS, Azure, or GCP) and awareness of common cloud misconfiguration patterns.
• Strong written communication with the ability to produce accurate, professional-quality findings documentation.
  
  
  
  

• We are client obsessed.
• We stand in solidarity with our teammates.
• We prioritize personal health and well-being.
• We believe in the power of diversity.
• We solve hard problems at the speed of cyber.

• Understanding and following DeepSeas’s information security policies and procedures.
• Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’s information security.
• Actively participating in DeepSeas’s efforts to maintain and improve information security.
• DeepSeas considers this position is as Moderate Risk with a potential to view/access/download restricted/private client/internal data.
• This information must be treated with sensitivity and in the most secure manner.
• HR reserves the right to perform random background/drug screens to ensure the safety of client/DeepSeas data