Cyber Security Testing Supervisor
$92,100 - $185,400/Yr
RSM - Houston, TX
posted 23 days ago
Full-time - Senior
Houston, TX
101-250 employees
Professional, Scientific, and Technical Services
About the position
The Cyber Security Testing Supervisor at RSM US LLP is responsible for overseeing application security testing, including both manual and automated testing methodologies. This role is critical in helping clients prevent, detect, and respond to security threats affecting their systems and data. The supervisor will lead security assessments, mentor team members, and ensure the delivery of high-quality security findings to empower development and security teams.
Responsibilities
- Supervise and lead security assessments, including static and dynamic application security testing.
- Conduct manual penetration testing on web applications, network devices, and other systems.
- Collaborate with clients across various technology stacks and services, including cloud platforms and development technologies.
- Develop, enhance, and interpret security standards and guidance.
- Demonstrate and promote security best practices, including secure development and cloud security.
- Assist with the development of remediation recommendations for identified findings.
- Identify and clearly articulate findings to senior management and clients.
- Stay up-to-date with the latest security trends, technologies, and best practices.
- Lead and foster teamwork and open communication to deliver successful outcomes.
- Supervise, mentor, and manage the engagement of other staff working on assigned engagements.
Requirements
- BS in Computer Science, Engineering, or related field or equivalent work experience.
- Advanced expertise in web security, with comprehensive knowledge of vulnerabilities and effective exploitation techniques.
- 5+ years of experience in code review, application security testing, or web application development.
- Excellent written and verbal communication skills.
- Proficient programming skills (e.g. Java, Python, Ruby, JavaScript).
- Experience with cloud platforms, such as AWS, and knowledge of cloud security best practices.
- Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, JSON, REST, etc.
- Technical background in application development, networking/system administration, security testing, or related fields.
- Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques.
Nice-to-haves
- One or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist.
Benefits
- Flexible scheduling to balance work and life demands.
- Competitive benefits and compensation package.
- Discretionary bonus based on firm and individual performance.
