This job is now closed
Job Description
- Req#: WD30234789
- Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores.
- Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools.
- Assess the security posture of cloud-native applications, microservices, and serverless architectures.
- Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement.
- Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology
- Must have a minimum of 6 to 8 years penetration testing, with a strong focus on cloud environments.
- In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications.
- Proficiency in advanced penetration testing tools and techniques, such as Metasploit, Cobalt Strike, and PowerSploit.
- Experience with container technologies (Docker, Kubernetes) and serverless architectures.
- Strong scripting skills (Python, PowerShell) for automation and custom tool development.
- Active security certifications such as OSCP, CSSLP or related is desired.
- Ability to work well under minimal supervision.
- Requires strong interpersonal, organizational, written and verbal communication skills.
- Experience with threat hunting, red team assessments and intelligence gathering techniques.
- Knowledge of emerging security threats and vulnerabilities.
- Experience with cloud-native security controls and best practices.
- Strong understanding of cryptography and network protocols.
- Ability to think critically and creatively to identify and exploit vulnerabilities.
Cloud Penetration Test Engineer
What you will do
The Cloud Penetration Testing Lead is responsible for leading and executing penetration testing activities specifically focused on JCI’s cloud environments. This role requires a deep understanding of cloud technologies, security best practices, and penetration testing methodologies. The lead will work closely with security architects, development teams, and infrastructure teams to identify and exploit vulnerabilities wherever possible in cloud-based systems.
How you will do it
What we look for
Required
Preferred
Who we are
Johnson Controls is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www.johnsoncontrols.com/tomorrowneedsyou .
About the company
Johnson Controls International is an American Irish-domiciled multinational conglomerate headquartered in Cork, Ireland, that produces fire, HVAC, and security equipment for buildings.
Notice
Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.
Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.
An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.