Senior Penetration Test Engineer


Are you a creative, skilled, motivated professional? Join our Security Assurance team and conduct full-scope vulnerability assessment and penetration testing to help secure Esri's intellectual property, networks, and sensitive data against a variety of complex threats.



  • Perform web application penetration testing to identify potential security issues and vulnerabilities
  • Validate the correct operation of security controls within applications
  • Conduct hands-on security testing, analyze test results, document risk, and recommend countermeasures
  • Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing
  • Coordinate with other program elements conducting security testing


  • Seven or more years of experience in information security with a heavy emphasis on penetration testing and vulnerability assessment
  • Ability to demonstrate manual testing experience including all of the OWASP Top 10
  • Advanced experience with testing tools such as Burp Suite Pro, AppSpider, Acunetix, among others
  • Understanding of web services technologies such as XML, JSON, SOAP, REST, and AJAX 
  • Understanding of various web application frameworks such as ASP.NET, J2EE, and MEAN stack
  • Web server configuration knowledge (Microsoft IIS, Apache HTTP Server, Apache Tomcat)
  • Advanced knowledge and experience with OS and network security
  • Bachelor’s in computer science or related field, or equivalent work experience

Recommended Qualifications:

  • Technical certifications that support pen testing such as CEH, OSCP/OSCE, GPEN/GXPN/GWAPT 
  • Information security certifications such as CISSP, SSCP, GIAC, GSE 
  • In-depth understanding of layer 2-7 communication protocols, common encoding and encryption schemes, and algorithms
  • Previous software development experience to support penetration testing including vuln dev, tool modules, covert tunneling, scanning scripts, passive collection, etc.
  • Proficiency in any of the following languages: C#, Python, Ruby, Perl, Bourne/Bash, PowerShell, Visual Basic, VBScript, PHP, JavaScript, SQL, CFML, Java 
  • Experience in defeating WAFs and other filtering mechanisms


The Company

Our passion for improving quality of life through geography is at the heart of everything we do. Esri’s geographic information system (GIS) technology inspires and enables governments, universities, and businesses worldwide to save money, lives, and our environment through a deeper understanding of the changing world around them.

Carefully managed growth and zero debt give Esri stability that is uncommon in today's volatile business world. Privately held, we offer exceptional benefits, competitive salaries, 401(k) and profit-sharing programs, opportunities for personal and professional growth, and much more.

Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Back to top