✦ Luna Orbit — Cybersecurity

Offensive Security Engineer

at JPMorgan Chase

📍 Tampa, FL, United States Onsite Posted April 04, 2026
Apply Now → ← Browse All Jobs

Position Details

Type Full-Time
Experience executive
Exp. Years 5+ years
Education Not specified
Category Cybersecurity

About this role

Offensive Security Engineer at JPMorgan Chase plans, scopes, and executes penetration testing across multiple environments; delivers remediation-focused reports and mentors junior testers.

Key Responsibilities

  • Plan, scope, and execute penetration testing engagements across environments
  • Collect prerequisites
  • Perform manual and automated testing
  • Document findings with risk assessments and remediation recommendations
  • Conduct peer reviews and mentor junior testers

Technical Overview

Hands-on pentesting across web/API/cloud/mobile; cloud platforms AWS/Azure/GCP; uses Burp Suite, Nmap, Metasploit; knowledge of OWASP Top Ten and NIST CSF; emphasizes threat modeling and reporting.

Ideal Candidate

The ideal candidate is an executive-level offensive security engineer with 5+ years of hands-on pentesting, strong cloud experience (AWS/Azure/GCP), and a track record of mentoring testers and delivering high-quality reports to leadership.

Must-Have Skills

5+ years of hands-on penetration testing experienceExperience with manual penetration testing of webAPIcloudinfrastructurethick-clientand/or mobile applicationsStrong understanding of OWASP Top TenNIST Cybersecurity FrameworkAbility to identify and articulate systemic security issues and remediationExceptional organizational and communication skillsExperience conducting peer reviews of penetration test reports and mentoring junior testers

Nice-to-Have Skills

Knowledge of cybersecurity practices in US financial services sectorPenetration testing for Windows and Unix-like OSSecurity-focused source code reviews (PythonJavaRust)Reverse engineering thick-client and mobile applicationsCertifications such as OSWECREST CRT/CCTOSCPOSCEGXPNGWAPTGPENGMOBBSCP

Tools & Platforms

Burp SuiteNmapMetasploitAWSAmazon Web ServicesAzureGoogle Cloud PlatformGCPAndroidiOS

Required Skills

Penetration testingmanual penetration testingBurp SuiteNmapMetasploitAWSAmazon Web ServicesAzureGoogle Cloud PlatformGCPAndroidiOSOWASP Top TenNIST Cybersecurity FrameworkThreat modelingWeb applicationsAPIscloud platformsOSWEOSCPCREST certifications

Hard Skills

Penetration testingManual penetration testingBurp SuiteNmapMetasploitWeb applicationsAPIsAWSAmazon Web ServicesAzureGoogle Cloud PlatformGCPAndroidiOSOWASP Top TenNIST Cybersecurity FrameworkThreat modelingSecurity reportsPeer reviewsMentoring junior testers

Soft Skills

CommunicationLeadershipMentoringTeam collaborationTechnical writing

Certifications

Preferred

OSWECREST CRTCREST CCTOSCPOSCEGXPNGWAPTGPENGMOBBSCP

Industry & Role

Industry Banking
Job Function Lead offensive security engagements to safeguard JPMorgan Chase's critical assets
Role Subtype Executive
Tech Domains Cybersecurity, Amazon Web Services, Azure, Google Cloud Platform, Docker, Kubernetes, Python, Java

Keywords for Your Resume

Offensive Security Engineerpenetration testingmanual penetration testingBurp SuiteNmapMetasploitAWSAmazon Web ServicesAzureGoogle Cloud PlatformGCPAndroidiOSOWASP Top TenNIST Cybersecurity FrameworkThreat modelingWeb applicationsAPIson-siteTampabankingoffensive securityPenetration testing

Deal Breakers

5+ years hands-on penetration testing experience, On-site in Tampa, Florida, Cloud (AWS/Azure/GCP) experience, Ability to write detailed technical reports and present findings

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile