Lead Cybersecurity Specialist (Pentesting) (Permanent – Onsite – New York, NY)

An opportunity has come through our network for a Lead Cybersecurity Specialist (Pentesting) at one of NYC’s top law firms. This permanent position, based onsite in New York, NY, offers a competitive salary ranging from $185,000 – $200,000 annually. This role is pivotal in safeguarding the organization’s digital infrastructure through proactive monitoring, threat detection, and advanced penetration testing of both cloud and on-premises environments. You’ll also support broader security operations and contribute to the deployment and maintenance of critical cybersecurity technologies across the firm.

What You’ll Be Doing: Orchestrating Proactive Security and Threat Detection

As a Lead Cybersecurity Specialist with a strong focus on penetration testing, you will be at the forefront of the firm’s defense strategy. Your responsibilities will blend hands-on technical execution with strategic analysis and cross-functional collaboration to proactively identify and mitigate security risks.

• Monitor and Analyze Security Alerts and Logs: You will meticulously monitor and analyze security alerts and logs from a wide array of sources. This includes data from SIEM (Security Information and Event Management) systems, DLP (Data Loss Prevention) solutions, IDS/IPS (Intrusion Detection/Prevention Systems), antivirus software, firewalls, and various system logs. Your keen analytical skills will enable you to detect suspicious activity, anomalies, and potential threats to the firm’s digital infrastructure.
• Conduct Manual and Automated Penetration Testing: You will lead the charge in conducting both manual and automated penetration testing across the firm’s diverse digital assets. This encompasses rigorous assessments of web applications, APIs (Application Programming Interfaces), networks, cloud platforms, and mobile environments. Your hands-on testing will simulate real-world attacks to uncover vulnerabilities and assess risk exposure, providing a clear picture of the firm’s exploitable weaknesses.
• Simulate Real-World Attack Scenarios: A critical aspect of your role will be to simulate real-world attack scenarios to uncover vulnerabilities and comprehensively assess the firm’s risk exposure. This proactive approach goes beyond basic scanning, diving deep into potential attack paths that might bypass standard defenses, thereby enhancing the firm’s overall resilience against sophisticated cyber threats.
• Develop Scripts and Automation Tools: You will actively develop scripts and automation tools specifically designed to support testing and remediation efforts. This involves coding custom scripts (e.g., in Python, PowerShell) to automate vulnerability validation, streamline repetitive testing tasks, and facilitate the efficient remediation of identified security flaws, thereby increasing the effectiveness and scalability of the security team.
• Participate in Red Team Operations and Threat Modeling: You will be a key participant in red team operations, simulating adversarial tactics to test the firm’s defensive capabilities. You’ll also contribute to threat modeling exercises, identifying potential threats and vulnerabilities in systems from a design perspective. Furthermore, you will engage in collaborative purple team exercises, working with defensive teams to improve detection and response mechanisms based on offensive simulations.
• Assist in Configuring, Maintaining, and Troubleshooting Security Tools: You will provide crucial assistance in configuring, maintaining, and troubleshooting security tools and platforms. This includes ensuring that various cybersecurity solutions (e.g., SIEM, EDR, vulnerability scanners) are optimally configured, regularly updated, and functioning effectively to provide continuous protection and accurate threat intelligence.
• Enhance Monitoring Capabilities and Contribute to Framework: You will play a vital role in continuously enhancing monitoring capabilities across the firm’s digital infrastructure. This involves identifying gaps in current monitoring, recommending new data sources, and helping to implement advanced detection mechanisms. You will also contribute to building and maintaining a robust continuous security monitoring framework, ensuring constant vigilance over the firm’s security posture.
• Collaborate on Cybersecurity Initiatives: You will foster strong relationships and collaborate with internal teams across the firm to support various cybersecurity initiatives. This partnership ensures that security measures are integrated seamlessly into business processes and technological deployments, and that all efforts align with overarching organizational objectives, embedding security into the firm’s DNA.

What You Bring: Essential Skills and Qualifications for a Pentesting Leader

To excel as a Lead Cybersecurity Specialist (Pentesting), you’ll need extensive experience in offensive security, a deep understanding of cyber adversary tactics, and strong technical proficiency across various security domains and tools.

• Strong Understanding of Network Security Fundamentals: You possess a strong understanding of network protocols (e.g., TCP/IP, DNS, HTTP), common vulnerabilities (e.g., misconfigurations, unpatched systems), various attack vectors (e.g., phishing, malware, brute force), and detailed adversary tactics, techniques, and procedures (TTPs). This comprehensive knowledge allows you to effectively identify and counter sophisticated threats.
• Proven Offensive Security Experience: You have proven experience in penetration testing, ethical hacking, or offensive security operations. This demonstrates your practical ability to simulate cyberattacks, identify exploitable weaknesses, and assess the firm’s security posture from an attacker’s perspective.
• Familiarity with Cybersecurity Frameworks and Standards: You are familiar with key cybersecurity frameworks and standards such as OWASP Top 10 (for web application security risks), MITRE ATT&CK (for adversary tactics and techniques), CVSS (Common Vulnerability Scoring System) for severity assessment, and common exploitation techniques (e.g., SQL injection, XSS, buffer overflows). This knowledge guides your testing and reporting.
• Proficiency with Security Test Tools: You demonstrate proficiency with industry-standard security test tooling. This includes hands-on experience with tools like Burp Suite (for web application testing), Metasploit (for exploitation), Nmap (for network scanning), Nessus (for vulnerability scanning), Kali Linux (a penetration testing distribution), BloodHound (for active directory analysis), or similar specialized security tools.
• Scripting Experience for Automation: You possess strong scripting experience using languages such as Python and/or PowerShell. This is crucial for automating testing procedures, validating vulnerabilities, developing custom exploits, and streamlining various security operations tasks.
• Solid IT Infrastructure Knowledge: You have solid knowledge of IT infrastructure, including Windows/Linux systems administration, networking fundamentals (routers, switches, firewalls), and application security principles. This holistic understanding allows you to identify vulnerabilities across the entire technology stack.
• Experience with Cloud Platforms and Security Assessments: You have proven experience with cloud platforms (e.g., AWS, Azure, or Google Cloud) and hands-on experience conducting cloud security assessments. This indicates your ability to identify and mitigate risks in cloud-native environments, including misconfigurations, identity flaws, and insecure services.
• Mobile Application Security Understanding (Plus): An understanding of mobile application security (iOS/Android) and threat modeling for mobile platforms is a significant plus, demonstrating a broader security expertise across diverse application types.
• Capture The Flag (CTF) Participation (Advantageous): Participation in Capture The Flag (CTF) events or other offensive security challenges is advantageous, showcasing your practical skills, competitive drive, and continuous learning in offensive security techniques.
• Strong Analytical and Problem-Solving Skills: You possess strong analytical and problem-solving skills with meticulous attention to detail. This enables you to dissect complex security challenges, diagnose root causes, and devise effective, robust solutions.
• Excellent Communication and Interpersonal Skills: You bring excellent communication and interpersonal skills. This is vital for articulating complex technical findings to diverse audiences, collaborating effectively with cross-functional teams, and presenting security reports to leadership.
• Self-Driven, Curious, and Committed to Learning: You are self-driven, curious, and committed to continuous learning. This proactive mindset ensures you stay ahead of emerging threats and technologies in the fast-evolving cybersecurity landscape.

Education and Experience: Your Foundational Expertise

• Educational Background: A Bachelor’s degree in cybersecurity, computer science, or a related field is required.
• Information Security Experience (7+ years): You must have a minimum of 7 years of verifiable experience in information security or related roles, demonstrating a seasoned background in the field.
• Highly Desirable Certifications: Certifications such as GPEN (GIAC Penetration Tester), OSCP (Offensive Security Certified Professional), OSEP (Offensive Security Experienced Penetration Tester) are highly desirable, validating expert-level offensive security skills.
• Additional Certifications (Plus): Additional certifications like CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CEH (Certified Ethical Hacker), or GIAC (Global Information Assurance Certification) credentials are considered a plus, showcasing a broader understanding of cybersecurity domains.