Senior Security Consultant

Sensiba is always looking for top talent to add to our integrated team. We have an exciting opportunity for a Senior Security Consultant to join our Risk Assurance team. If you're looking for an organization that offers an inclusive environment, uses business as a force for good, and supports you and your family with flexible work options and attractive benefits, take the first step toward joining the Sensiba team!

Named a Top 100 Accounting Firm and Top Workplace USA, we're recognized for exceptional employee engagement and dedication in helping our clients solve problems, navigate complexity, and build a foundation for sustainable growth.

In 2018, we became a certified B Corporation (B Corp). The B Corp certification distinguishes companies that use the power of business to solve social and environmental problems. It helps us better assess how our core values align with our daily operations and identify where we can improve.

Summary:

The Senior Security Consultant will work directly with clients across various industries to lead and perform hands-on security assessments, identify vulnerabilities, and support retesting. This role focuses on uncovering and exploiting weaknesses in systems, applications, and networks. The Senior Security Consultant will conduct penetration tests, collaborate closely with client teams to interpret findings, and answer questions that may arise.

This role will utilize strong, professional communication skills with to deliver timely, clear updates and recommendations to clients. Additionally, the consultant will leverage coding expertise to think like an attacker and develop custom testing tools or scripts as needed.

Responsibilities:

• Plan, lead, and execute penetration testing engagements across a variety of environments, including networks, web applications, cloud environments, infrastructure, APIs and mobile applications.
• Simulate real-world attacks to uncover security weaknesses and provide actionable recommendations.
• Write custom scripts, tools, or proof-of-concept exploits as needed during assessments.
• Analyze and report vulnerabilities using industry-standard methodologies (e.g., OWASP, MITRE ATT&CK).
• Develop high-quality deliverables, including technical risk assessments and executive reports tailored to client audiences.
• Collaborate with clients to provide post-assessment guidance and recommendations to reduce risk and improve security posture.
• Actively participate in client meetings and presentations.
• Lead red team/blue team exercises and threat modeling activities.
• Stay current with emerging threats, techniques, and offensive tools to continuously improve service offerings.
• Contribute to internal knowledge sharing, methodology refinement, and the development of reusable tools/scripts for testing.
• Lead the development and improvement of internal testing methodologies, checklists, and procedures.
• Assist sales and business developments for service line growth, scoping calls, etc.
• Provide mentorship to less experienced individuals on the team.

Qualifications:

• Bachelor's degree or equivalent combination of education and experience is required; bachelor's degree in computer science, information security, or related field is preferred.
• 3+ years of experience performing penetration testing and/or defensive security operations.
• 5+ years of experience in cybersecurity, offense security, consulting or software development roles.
• Experience with scripting or programming languages (Java, Python, BASH, Perl, Ruby, etc).
• Experience working in public accounting or similar consulting environment is preferred.
• Exposure to DevSecOps practices and CI/CD pipeline security is a preferred.
• Proficiency with penetration testing tools (e.g., Burp Suite, Metasploit, Nmap, Wireshark).
• Proficiency with defensive technologies (e.g., SIEM platforms, EDR solutions, firewalls, IDS/IPS) is a plus.
• Relevant certifications such as OSCP, GPEN, GWAPT, CEH, or CISSP is a preferred.
• Knowledge of Windows, Linux, and MacOS operating systems.
• Strong knowledge of OWASP Top 10, MITRE ATT&CK Framework, and common security standards (e.g., NIST, CIS).
• Strong knowledge of network protocols, operating systems (Windows, Linux), and cloud environments (AWS, Azure, GCP).
• Analytical thinking and problem-solving skills.
• Ability to translate complex technical risks into business impacts for clients.
• Proactive attitude with a strong desire to learn and adapt.
• Collaborative spirit with the ability to work independently and as part of a team.
• Integrity, professionalism, and commitment to high ethical standards.

There are many reasons to join the Sensiba team: generous benefits, competitive compensation, professional advancement opportunities, and above all - our people. If you're looking for an environment that offers you growth, success, and professionalism without compromising your family, passions, and life outside of work, apply today!

Sensiba has a robust offering of benefits, including:

• Medical, dental, vision
• Generous PTO plan and paid sick time
• Flexible work arrangements
• 401K with company match
• Discretionary performance bonus
• Business referral incentive pay
• Sabbatical leave
• 11 paid holidays
  

For individuals based in San Francisco, consistent with the SF Fair Chance Ordinance, an arrest and conviction record will not automatically disqualify a qualified applicant from consideration.

For individuals who would be working within the City of Los Angeles, Sensiba will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.

Sensiba LLP is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity, or any other characteristic protected by law.

Sensiba LLP complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us at talent@sensiba.com.

Certain states require employers to disclose the pay range in job postings. This position may be eligible for an annual discretionary bonus. For more information about our benefit offerings and other total rewards, contact our human resources team.

Compensation Range: $105,000 - 150,000 compensation per year

*Compensation may vary based on skills, role, and location*