Offensive Cloud Penetration Tester (1099 Contractor)

Job Title: Offensive Cloud Penetration Tester (1099 Contractor) 

Location: Remote (Must Be U.S. Based) 

Contract Type: 1099 Independent Contractor 

Position Overview: 

We are seeking an experienced Offensive Cloud Penetration Tester to join our team as a 1099 contractor. In this role, you will be responsible for performing in-depth security assessments of cloud environments, identifying vulnerabilities, and providing actionable recommendations to enhance security postures. You should have a strong background in offensive security, particularly within cloud environments, and be able to work independently with minimal supervision. 

Key Responsibilities: 

• Conduct comprehensive penetration testing of cloud environments (AWS, Azure, GCP). 

• Identify and exploit vulnerabilities in cloud-based infrastructure, applications, and services. 

• Develop and execute red team scenarios targeting cloud environments. 

• Perform threat modeling, attack surface analysis, and security assessments of cloud architectures. 

• Document findings in detailed reports, including proof-of-concept exploits and remediation recommendations. 

• Collaborate with client teams to discuss findings, provide remediation guidance, and help prioritize security fixes. 

• Stay up-to-date with the latest cloud security threats, vulnerabilities, and offensive security techniques. 

• Develop and maintain cloud-based testing tools and methodologies. 

Requirements

 Qualifications: 

• Proven experience as a penetration tester with a focus on cloud environments. 

• Deep understanding of cloud platforms (AWS, Azure, GCP) and their security features. 

• Strong knowledge of networking, operating systems, and application security. 

• Experience with tools and techniques for cloud penetration testing, including but not limited to, manual testing, scripting, and exploitation frameworks. 

• Relevant certifications (e.g., OSCP, OSCE, AWS Certified Security – Specialty) are highly preferred. 

• Excellent report writing and communication skills. 

• Ability to work independently and manage multiple projects simultaneously. 

 Preferred Skills: 

• Experience with container security (e.g., Docker, Kubernetes) and serverless architecture. 

• Familiarity with DevSecOps practices and tools. 

• Knowledge of compliance standards (e.g., CIS, NIST, GDPR) related to cloud security. 

• Experience with automation and scripting (Python, Bash, PowerShell).