1

In Penetration Testing Jobs in Michigan (NOW HIRING)

Minimum 2 years hands on experience in at least one (1) of the following areas: * SOC Analyst ... Penetration testing of Apps, endpoints, or devices o Cyber Threat Intelligence (CTI) including ...

... penetration testing. * S ecurity certification desired (e.g., CISSP, ISSMP, ISSAP, GIAC, CEH) * P roven experience and knowledge of IT Security regulations and standards, especially in HIPAA/HITECH ...

... penetration testing (Red Team engagements). • Guide the high-level architecture for secure ... Required : • 5+ years of progressive experience in Information Security • Proven track record ...

Driller/Exploration Team Member IV

Buchanan, MI · On-site

$22.50 - $30.75/hr

In-situ testing techniques may include cone penetration testing (CPT), pressure meter testing, and rock dilatometer testing. Work may also include the installation of instrumentation such as ...

In-situ testing techniques may include cone penetration testing (CPT), pressure meter testing, and rock dilatometer testing. Work may also include the installation of instrumentation such as ...

Driller/Exploration Team Member V

Niles, MI

$21 - $28.50/hr

In-situ testing techniques may include cone penetration testing (CPT), pressure meter testing, and rock dilatometer testing. Work may also include the installation of instrumentation such as ...

Driller/Exploration Team Member III

Buchanan, MI · On-site

$22.50 - $30.75/hr

In-situ testing techniques may include cone penetration testing (CPT), pressure meter testing, and rock dilatometer testing. Work may also include the installation of instrumentation such as ...

In-situ testing techniques may include cone penetration testing (CPT), pressure meter testing, and rock dilatometer testing. Work may also include the installation of instrumentation such as ...

Driller/Exploration Team Member V

Buchanan, MI · On-site

$22.50 - $30.75/hr

In-situ testing techniques may include cone penetration testing (CPT), pressure meter testing, and rock dilatometer testing. Work may also include the installation of instrumentation such as ...

next page

Showing results 1-20

In Penetration Testing information

What jobs can I get with a security+ certification?

A Security+ certification qualifies you for roles such as security analyst, cybersecurity technician, or network security administrator. These positions involve implementing security measures, monitoring networks, and responding to security incidents, often requiring knowledge of security tools and protocols.

What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?

To thrive as a Penetration Tester, you need a deep understanding of network protocols, operating systems, security vulnerabilities, and commonly hold certifications like OSCP or CEH. Familiarity with tools such as Metasploit, Burp Suite, Nmap, and Kali Linux is typically required to conduct effective assessments. Strong analytical thinking, attention to detail, and clear communication skills set standout professionals apart in this field. These skills and qualities are crucial for identifying security weaknesses, delivering actionable recommendations, and helping organizations strengthen their cybersecurity defenses.

Will pentesters be replaced by AI?

Penetration testers perform manual security assessments that require critical thinking, creativity, and understanding of complex systems, which AI currently cannot fully replicate. While AI tools can assist in automating certain tasks like vulnerability scanning, human expertise remains essential for interpreting results and developing effective security strategies.

Can you make $500,000 a year in cyber security?

In penetration testing, earning $500,000 annually is possible for highly experienced professionals working in senior roles, consulting, or managing large security teams. Achieving this income typically requires advanced certifications, specialized skills, and extensive industry experience, often in high-demand sectors or with consulting firms. Most penetration testers earn between $70,000 and $150,000 per year, with top-tier experts reaching higher salaries through freelance work or leadership positions.

What is penetration testing?

Penetration testing, often called 'pen testing,' is a simulated cyberattack performed to identify and exploit vulnerabilities in an organization's computer systems, networks, or applications. The goal is to uncover security weaknesses that malicious hackers could exploit and to help organizations strengthen their defenses. Pen testers use various tools and techniques to mimic real-world attacks, providing valuable insights and recommendations for improving overall security. Regular penetration testing is essential for maintaining a robust cybersecurity posture and complying with industry regulations.

What is the difference between In Penetration Testing vs Vulnerability Assessment?

AspectIn Penetration TestingVulnerability Assessment
PurposeSimulates cyberattacks to identify exploitable vulnerabilitiesIdentifies and reports security weaknesses without exploiting them
DepthIn-depth, targeted testing with active exploitationBroad, automated or manual scanning for vulnerabilities
CertificationsOSCP, CEH, GPENOSCP, CEH, CISSP (common but less focused)
Work EnvironmentEngages in simulated attacks, often in controlled environmentsUses scanning tools, reports vulnerabilities

While both roles focus on identifying security issues, In Penetration Testing involves actively exploiting vulnerabilities to assess security defenses, whereas Vulnerability Assessment primarily identifies weaknesses without exploitation. Penetration testers provide deeper insights into potential attack vectors, making their work more targeted and detailed.

What are some common challenges faced by penetration testers during client engagements?

Penetration testers often encounter challenges such as limited timeframes for assessments, incomplete or outdated documentation about client systems, and varying levels of cooperation from internal teams. Navigating complex network architectures and adapting to unique security configurations can also be demanding. Effective communication is essential, as testers must clearly explain findings and remediation steps to both technical and non-technical stakeholders. These challenges require strong problem-solving skills, adaptability, and the ability to work collaboratively across departments.

Is penetration testing a good career?

Penetration testing is a valuable cybersecurity role focused on identifying vulnerabilities in systems and networks. It requires technical skills, knowledge of security tools, and often certifications like OSCP or CEH. The field offers strong job growth, competitive salaries, and opportunities for continuous learning.
What are popular job titles related to In Penetration Testing jobs in Michigan? For In Penetration Testing jobs in Michigan, the most frequently searched job titles are:
What job categories do people searching In Penetration Testing jobs in Michigan look for? The top searched job categories for In Penetration Testing jobs in Michigan are:
What cities in Michigan are hiring for In Penetration Testing jobs? Cities in Michigan with the most In Penetration Testing job openings:
Senior Application Security Engineer (REMOTE)

Senior Application Security Engineer (REMOTE)

Amerisure Mutual Insurance Company

Farmington Hills, MI • On-site, Remote

$57.75 - $77.25/hr

Full-time

Medical, Retirement, PTO

Posted 15 days ago


Job description

Amerisure creates exceptional value for its partners, policyholders, and employees. As a property and casualty insurance company, Amerisure's promise to our partner agencies and policyholders begins with a comprehensive line of insurance products designed to protect businesses, as well as the health and safety of every employee. With an A.M. Best "A" (Excellent) rating, Amerisure serves mid-sized commercial enterprises focused in construction, manufacturing and healthcare. Ranked as one of the top 100 Property & Casualty companies in the United States, we proudly manage nearly $1 Billion of Direct Written Premium and maintain $1.21 billion in surplus.

Amerisure is hiring!! This role can sit remote. We're looking for a Senior Application Security Engineer who can take ownership of security initiatives, shape our strategy, and partner closely with engineering teams to safeguard our applications from the ground up. The ideal candidate will possess the following skill set.

Summary Statement

The Senior IT Security Engineer designs, implements, and maintains security controls to protect the organization's systems and data. This role leads security monitoring, vulnerability management, and incident response efforts, while embedding security throughout the SDLC and integrating testing capabilities into CI/CD pipelines. The engineer supports secure development practices and conducts application and API penetration testing. Working closely with development, QA, DevOps, and architecture teams, this role strengthens the security posture of missioncritical SaaS and hybrid cloud applications. The Senior Engineer also advises leadership on security strategies, emerging technologies, and alignment with business goals, ensuring innovative, compliant, and effective security solutions.

Essential Tasks/Major Duties

  • Configure, implement, and maintain security systems with a hands-on approach to ensure the integrity, availability and resilience of the organization's IT infrastructure, applications and data.
  • Serve as a subject matter expert for application, API, and integration security across the enterprise. Establish and embed secure development requirements, best practices, patterns, and guardrails (Left Shift) across platforms, technology stacks, and development teams to enhance the overall application and API security posture.
  • Define, design, implement, and continuously improve application security processes, tools, and metrics. Integrate and optimize SAST, SCA, IAST, DAST, and secrets detection tools within CI/CD pipelines, and monitor, track, and report application and API security metrics to leadership.
  • Conduct comprehensive application and API security reviews, vulnerability assessments, and penetration testing, actively configuring and fine-tuning security tools to identify and remediate gaps.
  • Collaborate with cross-functional teams to enforce security best practices and ensure compliance with relevant standards and frameworks (e.g., NIST CSF, NY DFS, MI DIFS, OWASP, HIPAA/HTRUST), configuring security solutions to meet evolving business and regulatory requirements.
  • Lead incident response and digital forensics investigations, providing technical expertise to analyze cyber events and implement effective remediation actions that minimize operational impact.
  • Mentor and guide security team members, sharing knowledge and expertise in application and API security, threat analysis, vulnerability management, cloud security, and cryptography, while fostering a collaborative, learning-driven team culture.

Knowledge, Skills & Abilities

  • Bachelor's degree or equivalent combination of education and experience.
  • 7+ years of experience in Application and API Security within a DevSecOps environment.
  • Required certifications include at least one CISSP, CSSLP, CCSP, GSEC, CEH, CISM, or CRISC, in addition to platform-specific certifications (AWS, Microsoft, Cisco, etc.) or domain specific certifications (OSWE, OSCP, GWAPT, or GWEB).
  • Experience in Property & Casualty insurance or other regulated industries preferred.
  • Proven experience securing SaaS and custom applications in complex multi-cloud environments, applying security best practices and compliance frameworks.
  • Expert knowledge of secure SDLC principles, application and API security, container security, and secure coding practices. Deep familiarity with OWASP Top 10, OWASP API Security Top 10, and CWE in DevOps environments using TeamCity, Azure Pipelines, GitHub Actions, and Bitbucket Pipelines.
  • Extensive experience automating security scans and integrating SAST, SCA, IAST, DAST, and secrets detection tools into CI/CD pipelines.
  • Proficiency in managing application security tools, including SonarQube, Black Duck, Synopsys Seeker, Snyk, and Wiz Code.
  • Strong understanding of modern authentication and authorization protocols, including OAuth2, OIDC, JWT, and mTLS.
  • Knowledge of cryptographic protocols and standards such as SSL/TLS, SSH, PKI, and emerging quantum-resistant encryption techniques.
  • Solid understanding of security standards and frameworks, including NIST CSF, NY DFS, MI DIFS, HIPAA/HITECH, MITRE ATT&CK, and domain-specific regulatory requirements.
  • In-depth knowledge of common attack vectors and tactics, with a focus on proactive defense and risk mitigation.
  • Proficient in vulnerability assessment and penetration testing tools, capable of identifying, analyzing, and remediating vulnerabilities across applications and systems.
  • Familiarity with enterprise platforms such as Guidewire, Salesforce, Databricks, and SnapLogic is preferred.
  • Skilled in leading team initiatives using project management and Agile methodologies.
  • Excellent communication skills to clearly articulate security risks, policies, and remediation strategies to both technical and non-technical stakeholders.

#LI-Remote

Just as we are committed to creating exceptional value for our Partners For Success agencies and policyholders, Amerisure also remains committed to being an employer of choice. We reinforce this commitment by adhering to an Employee Value Proposition that, in part, is provided through a competitive total rewards package. This package includes competitive base pay, performance-based incentive pay, comprehensive health and welfare benefits, a 401(k) savings plan with profit sharing, and generous paid time off programs. We also offer flexible work arrangements to promote work-life balance. Recognized as one of the Best and Brightest Companies to Work For in the Nation and one of Business Insurance magazine's Best Places to Work in Insurance, we provide a workplace that fosters excellence and professional growth. If you are looking for a collaborative and rewarding career, Amerisure is looking for you.

Amerisure Mutual Insurance Company is an Equal Employment Opportunity employer. Amerisure provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (to include sexual orientation and gender identity), national origin, age, disability, genetic information, veteran status, or any other protected characteristic under applicable federal, state, or local laws. Amerisure complies with all applicable laws governing nondiscrimination in employment in all locations where the company operates. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Amerisure prohibits harassment or discrimination of any kind and is committed to maintaining a workplace free from unlawful harassment or discrimination. Amerisure prohibits retaliation against anyone who reports discrimination, participates in an investigation, or opposes unlawful practices. Any improper interference with an employee's ability to perform their job duties may result in disciplinary action, up to and including termination.