Technical Lead II

Job Description

Cloud Penetration Test Engineer What you will do The Cloud Penetration Testing Lead is responsible for leading and executing penetration testing activities specifically focused on JCI s cloud environments. This role requires a deep understanding of cloud technologies, security best practices, and penetration testing methodologies. The lead will work closely with security architects, development teams, and infrastructure teams to identify and exploit vulnerabilities wherever possible in cloud-based systems. How you will do it Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores. Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools. Assess the security posture of cloud-native applications, microservices, and serverless architectures. Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement. What we look for Required Must have B. E / B. Tech / M. Tech / MCA in Computer Science or Information Technology Must have a minimum of 6 to 8 years penetration testing, with a strong focus on cloud environments. In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications. Proficiency in advanced penetration testing tools and techniques, such as Metasploit, Cobalt Strike, and PowerSploit. Experience with container technologies (Docker, Kubernetes) and serverless architectures. Strong scripting skills (Python, PowerShell) for automation and custom tool development. Active security certifications such as OSCP, CSSLP or related is desired. Ability to work well under minimal supervision. Requires strong interpersonal, organizational, written and verbal communication skills. Preferred Experience with threat hunting, red team assessments and intelligence gathering techniques. Knowledge of emerging security threats and vulnerabilities. Experience with cloud-native security controls and best practices. Strong understanding of cryptography and network protocols. Ability to think critically and creatively to identify and exploit vulnerabilities. Who we are . For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www. johnsoncontrols. com/tomorrowneedsyou .