Associate Principal Penetration Tester

Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We're a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We're looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world!

• Lead customerfacing professional services engagements centered on penetration testing, acting as the primary technical lead and trusted advisor on highimpact pen test, purple team, and vulnerability assessment engagements.
• Shape engagement strategy and direction, aligning deep technical execution with customer business objectives to deliver meaningful, riskfocused security value.
• Set the technical standard forpenetration testing across the organization by defining methodologies, assessment frameworks, and adversary emulation approaches informed by current threat intelligence.
• Design and execute advanced offensive campaigns that uncover complex attack paths across IT/OT boundaries and within industrial environments.
• Translate field insights into strategic inputs for Dragos R&D, influencing tooling, detection content, and analytics by identifying gaps in customer visibility, response, and prevention.
• Mentor and guide crossfunctional teams while evolving internal playbooks and operational practices, and represent Dragos through executive engagements and industry thought leadership.

• 5+ years of handson cybersecurity experience focused on vulnerability assessments, penetration testing or red teaming engagements.
• Deep expertise in penetration testing methodologies across white, gray, and blackbox scenarios. This includes a solid understanding of cyber threats, attack paths, exploits and adversary TTPs.
• Hands-on experience with assessment and penetration testing tools such as Metasploit, NMAP, Kali Linux, Cobalt Strike, Burp Suite Pro, and common LOTL toolsets.
• Proven experience with networking components (ie, routers, switches, firewalls) and common operating systems (ie, Windows, Linux).
• Strong communication, reporting, and customerfacing skills, with the ability to clearly present technical findings to both technical and nontechnical audiences.
• Selfmotivated, teamoriented, and able to work independently in a remote/distributed environment.
• Willingness to travel up to 30% for customer engagements.

Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.