[Remote] Senior Cyber Penetration Tester & Engineer

Note: The job is a remote job and is open to candidates in USA. UNFI is looking for an experienced technical Cybersecurity Penetration Tester and Engineer Senior to help us create a resilient food supply chain. The role involves performing threat emulations and identifying cybersecurity issues within the UNFI environment through technical penetration testing across various technologies and systems.

Responsibilities

• Perform technical penetration testing of APIs, web applications, networks, cloud services, databases, directory services, and infrastructure. – 75%
• Strategic attack simulation by analyzing UNFI’s internal and external attack surface and crafting bespoke penetration strategies. – 10%
• Writing comprehensive reports outlining identified vulnerabilities, potential exploitation paths. Provide remediation guidance and recommendations from the assessments and support any security questions from network, system, and/or application owners. – 10%
• Assess UNFI’s software development and cloud infrastructure from a security perspective and help drive internal security standards. – 5%

Skills

• At least 1 industry leading or senior level cybersecurity penetration certification, for example: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester Certification (GPEN), GIAC Web Application Penetration Tester (GWATP), GIAC Cloud Penetration Tester (GCPN) or EC-Council Licensed Penetration Tester (LPT) Master
• Active GitHub repository account with examples of security tools, scripts, exploits developed OR evidence of past and current artifacts
• 8+ years of hands-on cybersecurity experience within IT environments
• 5+ years of experience performing penetration testing and vulnerability assessments
• Advanced penetration testing skills across both tools and scripting abilities
• Expertise with the following tools: various C2s, Burp Suite, Nmap, Wireshark, Bloodhound
• Expertise with cybersecurity scripting in Python, PowerShell, or Go to manipulate vulnerabilities and demonstrate potential exploits
• Ability to employ OSINT techniques to maximize attack vectors, simulating real-world cyber threats
• Skills in developing implants and evading common security tools
• Ability to critically examine an organization and system using knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime groups, and both state and non-state sponsored threat actors
• Knowledge of web application and cloud infrastructure best practices and understanding of how to exploit misconfigurations and vulnerabilities
• Knowledge of network access, identity and access management, including public key infrastructure and understanding of how to exploit misconfigurations and vulnerabilities
• Experience creating rules of engagement, test plans, scripts to aid testing efforts, and technical assessment reports that detail findings and remediation efforts
• Ability to translate technical findings into actionable insights
• Ability to mentor junior staff and transfer technical knowledge as well as contribute to the team's knowledge sharing

Benefits

• Paid Time Off
• Sick Time
• Paid holidays and parental leave
• 401K Program
• Medical, dental, vision, life, and accidental death/dismemberment insurance
• Short-term and long-term disability insurance program
• Flexible Spending Account and/or Health Savings Account

Company Overview

• UNFI is North America’s Premier Food Wholesaler. It was founded in 1978, and is headquartered in Providence, Rhode Island, USA, with a workforce of 10001+ employees. Its website is http://unfi.com.

Company H1B Sponsorship

• UNFI has a track record of offering H1B sponsorships, with 2 in 2025, 2 in 2024, 4 in 2023, 4 in 2022. Please note that this does not guarantee sponsorship for this specific role.

Apply tot his job Apply To this Job