Lead Penetration Testing Engineer handling advanced penetration testing across applications and enterprises. Collaborating with teams to influence security design and reporting on findings.
Responsibilities
Lead and execute advanced penetration tests across web applications and APIs.
Lead and execute advanced penetration tests across cloud and hybrid infrastructure (Kubernetes, Docker, etc.).
Lead and execute advanced penetration tests across identity, authorization, and trust boundaries.
Lead and execute advanced penetration tests across internal and external enterprise attack surfaces.
Lead and execute advanced penetration tests across AI / ML-enabled systems (e.g., LLM-backed applications, Agentic AI).
Identify and exploit weaknesses, and demonstrate realistic business and risk impact.
Lead penetration testing engagements end-to-end: scoping, test execution, risk assessment and prioritization, and clear reporting and remediation guidance.
Develop a deep technical understanding of systems and products to uncover systemic weaknesses, not just isolated bugs, including weaknesses introduced by AI-driven components.
Partner closely with engineering teams, security architects, AppSec teams, and detection & response teams to influence design and guardrails.
Requirements
Deep hands-on experience in penetration testing, offensive security, or application security testing.
5+ years of experience in penetration testing, offensive security, and vulnerability research.
Proven experience leading complex penetration testing engagements in production or production-like environments.
Strong understanding of application security vulnerabilities and attack chains.
Strong understanding of identity and access control failures.
Strong understanding of cloud security and hybrid environments.
Strong understanding of common defensive controls and their real-world limitations.
Strong understanding of security risks specific to AI and LLM-based systems.
Hands-on experience with manual exploitation and vulnerability chaining.
Hands-on experience with custom scripts, payloads, or proof-of-concept development.
Hands-on experience with advanced use of automated testing tools, including awareness of their limitations.
Hands-on experience testing AI-powered applications and APIs.
Ability to clearly articulate exploitation mechanics and impact.
Ability to clearly articulate risk in business and engineering terms.
Ability to propose practical, prioritized remediation strategies.
Strong communication skills and experience working directly with engineers, security teams, and leadership.
Security Architect at Leonardo designing and implementing security solutions in Cyber & Security Solutions. Collaborating with technical teams to protect data and resources effectively.
Security Architect in Cyber Security Solutions for Leonardo, analyzing client objectives and designing multi-layered architectures. Requires 2-5 years of experience with security controls.
FPGA Engineer addressing security risks in evolving Defence technology by designing secure firmware and integration support. Collaborating with teams to develop security solutions and maintain accreditation standards.
Staff Software Engineer leading security transformation for Managed File Transfer platform at Walmart. Focusing on modernization, automation, and security-first design.
Infrastructure Security Engineer responsible for managing customer engagements and project delivery at Hewlett Packard Enterprise. Requires a Secret clearance and extensive project management experience.
Senior Security Engineer protecting Plaud's AI infrastructure and data. Designing security controls and leading incident response for a next-generation AI productivity platform.
Product Security Engineer at Terumo Blood and Cell Technologies ensuring cybersecurity throughout product lifecycle. Collaborating with cross-functional teams to implement risk-based security requirements and solutions.
Senior Product Security Engineer at Acuity Inc. developing technology-focused solutions for lighting and building management. Responsibilities include collaboration on product innovation and market strategies.
Senior IT-Security Consultant developing and implementing security projects for Data Centers. Collaborating with clients as a trusted advisor and supporting the sales team in presales activities.