[Remote] Senior Penetration Tester at Humana

San Antonio, Texas, United States

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Healthcare, Cybersecurity

Requirements

  • Skilled in advanced exploitation techniques
  • Ability to translate complex technical vulnerabilities into clear business risk
  • Preference for delivering evidence-based security recommendations over theoretical discussions
  • Deep offensive security expertise
  • Experience with web applications, APIs, thick clients, Cloud, and AI/LLM/ML-powered applications
  • Advanced knowledge and experience to lead moderate to complex penetration tests with autonomy
  • Ability to contribute technical expertise during consulting rotations and "lunch & learns."
  • Capability to lead closing meetings with business stakeholders such as application owners, security teams, information security offices, and internal customers

Responsibilities

  • Perform application security-focused penetration tests to enable secure and compliant business operations and maintain PCI-DSS compliance
  • Identify and document novel vulnerabilities in web applications, APIs, thick clients, Cloud, and AI/LLM/ML-powered applications
  • Lead moderate to complex penetration tests with autonomy and make recommendations to leadership
  • Lead closing meetings with business stakeholders
  • Scope, plan, execute, document, and share findings of penetration tests
  • Provide input that influences the strategy and direction of the penetration testing functional area within the enterprise's offensive security program, collaborating with the Associate Director, Penetration Testing
  • Conduct comprehensive security assessments to identify vulnerabilities across Humana's technology infrastructure and translate technical findings into actionable business risk recommendations
  • Design and execute penetration tests, develop custom testing methodologies, and manage multiple concurrent security assessments
  • Review new applications for security assessment opportunities
  • Execute advanced penetration testing techniques across web applications and cloud environments
  • Develop detailed remediation guidance
  • Present findings to both technical and executive stakeholders
  • Design and execute comprehensive penetration tests across web applications, network infrastructure, cloud environments, and mobile platforms using industry-standard tools and custom methodologies
  • Develop targeted test cases for specific technologies and environments not covered by standard approaches
  • Ensure assessments meet service level agreements, such as completing standard web application assessments within established timeframes, while operating with minimal guidance on complex testing scenarios

Skills

Key technologies and capabilities for this role

Penetration Testing, Web Application Security, API Testing, Thick Client Testing, Cloud Security, AI/LLM/ML Security, PCI-DSS, Vulnerability Assessment, Red Teaming, Bug Bounty

Questions & Answers

Common questions about this position

Is this position remote?

Yes, this is a 100% remote position.

What benefits or resources are provided for professional development?

Team members have access to Hack The Box Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets.

What skills and expertise are required for the Senior Penetration Tester role?

The role requires deep offensive security expertise, advanced knowledge in penetration testing web applications, APIs, thick clients, Cloud, and AI/LLM/ML-powered applications, and the ability to lead moderate to complex penetration tests autonomously.

What is the company culture like for this team?

The team fosters a supportive environment focused on collaboration, continuous learning, collective growth, and technical excellence, with Fridays dedicated to research and development on emerging technologies.

What makes a strong candidate for this Senior Penetration Tester position?

Strong candidates will have deep offensive security expertise, experience leading penetration tests across web apps, APIs, cloud, and AI/ML applications, and the ability to collaborate with Red Team and other specialists while presenting findings to stakeholders.

Humana

Health insurance provider for seniors and military

About Humana

Humana provides health and well-being services, focusing on Medicare Advantage plans for seniors, military personnel, and communities. Their plans include HMO, PPO, and PFFS options, designed to improve health outcomes through comprehensive and flexible coverage. Humana's revenue comes from government contracts and member premiums, and they aim to maintain high renewal rates by offering quality service and competitive benefits. The company stands out by fostering a culture of inclusivity and belonging among its employees, while also ensuring accessibility for all members, including offering free language interpreter services. Humana's goal is to deliver value to its members through an extensive provider network and innovative health solutions.

Headquarters: Louisville, Kentucky
Year Founded: 1961
Company Stage: IPO
Industries: Social Impact, Healthcare
Employees: 10,001+

Risks

Potential over-reliance on AI could disrupt operations if systems fail or are compromised.
Rising medical costs and tightening Medicare reimbursements may strain financial performance.
Leadership change with new CEO Jim Rechtin could lead to strategic disruptions.

Differentiation

Humana is a leader in Medicare Advantage plans, focusing on seniors and military personnel.
The company emphasizes inclusivity, offering free language interpreter services for accessibility.
Humana leverages AI and cloud technologies through a partnership with Google Cloud.

Upsides

Humana's investment in Healthpilot enhances digital enrollment for Medicare options.
The company is the first insurer to cover TMS therapy for adolescent depression.
Humana's focus on value-based care aims to improve outcomes for kidney disease patients.
