Principal Security Consultant
@ NetSPI

Hybrid
$150,000
Full Time
Posted 20 hours ago


Job Details

Overview

NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) driven by its AI-powered platform and a team of over 350 in-house cybersecurity experts. Specializing in more than 50 types of pentests, attack surface visibility, vulnerability prioritization, and attack simulation, NetSPI delivers security testing with clarity, speed, and scale.

Role Overview

As a Principal Security Consultant, you will lead web application penetration tests, conduct in-depth security assessments, and provide expert recommendations to fortify clients' security posture. You will work independently and collaboratively with clients and internal teams while mentoring junior staff and influencing external security discussions.

Responsibilities

  • Conduct web application and API penetration testing engagements independently.
  • Create, deliver, and collaborate on detailed penetration testing reports.
  • Research and develop innovative testing techniques and methodologies.
  • Mentor team members and contribute externally through blogs, webinars, and conferences.
  • Handle administrative consulting tasks for smooth business operations.
  • Collaborate on scoping engagements, participate in sales meetings, and support marketing campaigns.

Minimum Qualifications

  • Bachelor’s degree or equivalent in IT, Computer Science, Engineering, Math or related field.
  • 5+ years of penetration testing experience, with a focus on web applications.
  • Familiarity with offensive tools (e.g., Kali Linux, Burp Suite, Metasploit, Nessus).
  • Strong grasp of OWASP Top 10, MITRE ATT&CK framework, and security frameworks.
  • Experience with Windows, Linux, and macOS internals.
  • Demonstrated ability in mentorship and excellent communication skills.
  • Willingness to travel up to 5-10% and work flexible hours as needed.

Preferred Qualifications

  • Experience handling engagements for both web and thick client applications.
  • Proficiency in one or more programming/scripting languages (Ruby, Python, Perl, C, C++, Java, C#).
  • Relevant offensive cybersecurity certifications (GXPN, GPEN, OSCP, GWAPT).

Key Skills/Competency

Penetration Testing, Web Security, API Security, Vulnerability Assessment, Reporting, Mentorship, Offensive Tools, Security Frameworks, Client Engagement, Cybersecurity

How to Get Hired at NetSPI

🎯 Tips for Getting Hired

  • Customize your resume: Tailor security and penetration testing expertise.
  • Highlight certifications: Include relevant cybersecurity credentials.
  • Network: Connect with NetSPI employees on LinkedIn.
  • Prepare for technical interviews: Practice scenario-based security challenges.

📝 Interview Preparation Advice

Technical Preparation

Review penetration testing tools and methodologies.
Practice web application vulnerability scans.
Study the OWASP Top 10 and MITRE ATT&CK frameworks.
Refresh knowledge of Windows, Linux, and macOS internals.

Behavioral Questions

Explain past independent project challenges.
Describe team mentoring experiences.
Detail client communication examples.
Discuss handling tight project deadlines.