Penetration Tester (Monterrey)
Link-Worldwide
At Bishop Fox, security isn't just a job - it's our passion. As leaders in continuous offensive security and penetration testing, we deliver world-class customer experiences. Trusted by over a quarter of the Fortune 100, half of the Fortune 10, and top integral media companies, we help safeguard digital landscapes. Our Cosmos platform, honored as Best Emerging Technology by SC Media, exemplifies our commitment to innovation.
Joining Bishop Fox means collaborating with a curious and dedicated team. You'll tackle complex challenges for some of the world's most recognized organizations, securing their networks against real-world threats. With nearly 20 years of industry contributions - including 16 open-source tools and 50 security advisories published in the past five years - we're committed to making the digital world safer.
Who Are You and What You'll Do
You're a cybersecurity consultant with a strong offensive security mindset and a passion for understanding how modern applications, cloud platforms, APIs, and emerging technologies operate at a deep technical level. You enjoy uncovering security weaknesses, thinking creatively about attack paths, and helping organizations solve complex security challenges through practical, risk-focused assessments.
At Bishop Fox, you'll work on a wide variety of security engagements including Cloud Security Assessments, Mobile Application Security Testing, Hybrid Application Assessments (HAA), and AI/LLM Security Assessments. You'll evaluate modern applications and distributed systems across cloud-native, mobile, backend, and AI-enabled environments.
Your responsibilities will include performing hands‑on security testing, analyzing application behavior, reviewing source code, identifying realistic exploitation scenarios, and validating security controls across modern architectures. You'll work closely with clients and internal teams to deliver high‑quality technical assessments and actionable remediation guidance.
As a consultant, you'll contribute throughout the full engagement lifecycle from scoping and test planning to execution, reporting, and client presentations. Success in this role requires strong technical depth, structured testing methodologies, effective communication skills, and the ability to adapt quickly to new technologies and environments.
Your Experience
- 4+ years of experience in application security assessments, penetration testing, or offensive security engagements
- Strong understanding of application security fundamentals, modern attack techniques, and common vulnerabilities affecting web applications, APIs, mobile applications, and cloud‑native environments
- Hands‑on experience testing REST APIs, including authentication/authorization flaws, IDORs, injection vulnerabilities, session management issues, and business logic flaws
- Strength with AWS services and cloud security concepts, including IAM, STS, S3, Lambda, API Gateway, CloudTrail, CloudWatch, and secure communication patterns such as SigV4
- Solid understanding of networking and web fundamentals, including TCP/IP, DNS, API communication flows, cookies, headers, and related concepts
- Experience reviewing source code for security issues in Java, C#, and Python applications
- Knowledge of secure coding principles and common risks such as SSRF, insecure deserialization, injection vulnerabilities, sensitive data exposure, and insecure cloud integrations
- Understanding of SDLC, CI/CD pipelines, and secure development practices
- Experience using security assessment and code review tools such as Burp Suite, Semgrep, Git, AWS CLI, and API testing/debugging tools
- Comfortable working across Linux, Windows, and macOS environments
- Experience or strong interest in AI/LLM security, including prompt injection, RAG risks, insecure integrations, excessive permissions, and the OWASP Top 10 for LLM Applications
- Strong written and verbal communication skills, with the ability to deliver clear, actionable findings and communicate technical risks to both technical and executive stakeholders
- Experience following structured testing methodologies, documentation standards, and validation/retesting workflows
- Strong collaboration and interpersonal skills when working with security, engineering, and client teams
- Ability to manage multiple concurrent engagements while maintaining high‑quality deliverables and attention to detail
- Curious, adaptable, and professional mindset with a passion for continuous learning and emerging security trends
Nice to Have
- Exposure to hardware or embedded device security testing
- Familiarity with cloud‑native and serverless architectures
- Consulting or client‑facing experience
- Relevant security certifications or hands‑on research contributions
Why Bishop Fox
- Be Excellent to Each Other
- Do the Right Thing
- Do What You'll Say You'll Do
- Get Better Together
- Give a Sh*t
Benefits
- Generous Time Off and Company‑Wide Holidays
- Team Events and International Travel Opportunities
- Work From Home Support
- Training Budget
- Saving Fund
- Food Coupons
- Health and Wellbeing programs
This position is not eligible for visa sponsorship. Applicants must be authorized to work in Mexico for the duration of employment without sponsorship.
Bishop Fox is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. All new hires must pass a background check as a condition of employment.
Interested? Apply today!
#J-18808-Ljbffr- ...Job Opportunity More about the role This is an exciting job opportunity for you as a Cyber Security Incident Response Analyst in Monterrey with Signify. Lead and support incident investigations, collaborating across teams to drive issues to a stable resolution. Monitor...Sugerido
- ...Overview Link-Worldwide en Monterrey busca un profesional para el área de marketing digital que se encargará de la gestión de redes sociales, creación de contenido visual y diseño de materiales gráficos. Requisitos Licenciatura en áreas afines. Mínimo 3 años...Sugerido
- ...determine root causes, and implement appropriate containment and remediation measures. Perform vulnerability assessments and penetration testing on systems and applications to identify weaknesses and recommend mitigation strategies. Develop and maintain security...Sugerido
$30,000
...Link-Worldwide busca un Administrador de Sistemas para laborar en Monterrey, en un esquema presencial. Se requiere título en Ciencias de la Computación o áreas relacionadas, junto con 5 años de experiencia comprobada en administración de plataformas. Los candidatos...Sugerido- ...Network Service Manager / Architect About The Team The Global Network team is to be placed evenly in Monterrey (Mexico), Chennai (India) & Bucharest (Romania) - Managed out of Bucharest (Romania). The scope is to take care of the network in our 100+ locations...Sugerido
- ...Bishop Fox is looking for a Cybersecurity Consultant in Monterrey to work on security assessments, penetration testing, and innovative security solutions. You'll engage with leading organizations to analyze and strengthen their digital security. Ideal candidates have...Desde casaHorario flexible
- ...Link-Worldwide en Monterrey busca un Auxiliar de Soporte Técnico con experiencia en redes. El candidato ideal debe tener al menos 2 años de experiencia y debería manejar las tecnologías de redes LAN, WAN, y seguridad perimetral. Se ofrece estabilidad laboral y todas...Tiempo completoLunes a miércoles
- ...OP Mobility in Monterrey, Reciente León We are seeking a dedicated IT Support professional to provide onsite technical assistance. The role involves managing IT hardware, software, and networks, ensuring security compliance, and optimizing data management processes...
- ...FLSmidth in Monterrey, Nuevo León, is looking for a Cyber Security Analyst to protect our digital assets and respond to security incidents. You will ensure the integrity and availability of information, monitor security systems, conduct analyses, and develop security policies...
- ...Link-Worldwide busca un ADMINISTRADOR DE HERRAMIENTAS TI MANAGEENGINE en Monterrey. El candidato ideal debe tener 5 años de experiencia en la administración de plataformas como Manage Engine y Crowdstrike. Ofrecemos un contrato con beneficios superiores, incluyendo...Contrato
- ...Link-Worldwide in Monterrey is seeking a Network Service Manager / Architect to oversee network management across 100+ global locations. You will engage closely with the IT Infrastructure Team and ensure projects align with business needs. The ideal candidate has substantial...
- ...Link-Worldwide busca un Auxiliar en TI en Monterrey con experiencia en soporte técnico y habilidades en gestión para asegurar la operación eficiente de la infraestructura tecnológica. Los candidatos deben tener al menos 3 a 4 años de experiencia en administración de...
$35,000 - $55,000
Link-Worldwide busca un Ingeniero de Redes en Querétaro que se una a su equipo. El candidato ideal tendrá entre 2 y 3 años de experiencia y habilidades en seguridad SOC N2 L2, así como en herramientas SIEM y protocolos de ruteo. Ofrecemos un salario competitivo entre...$35,000 - $55,000
Link-Worldwide busca un Ingeniero de Redes en Querétaro con experiencia en seguridad SOC N2 L2 y SIEM. Ofrecemos un salario competitivo entre 35,000 y 55,000 pesos, junto con prestaciones superiores a la Ley. El candidato adecuado tendrá de 2 a 3 años de experiencia...- ...Link-Worldwide busca un Project Manager Jr. en Monterrey con experiencia en gestión de proyectos de redes. Se ofrece trabajo híbrido, sueldo competitivo y oportunidades de desarrollo profesional. El candidato ideal debe tener certificaciones en Scrum e ITIL, además...Trabajo híbridoHorario flexible
- Oviedo, Municipality of Oviedo, Asturias, Spain CCIE (Routing & Switching) Network Specialist ~ Senior Routing & Switching SME (Subject Matter Expert): CCIE level experience – Senior engineer with CCIE (Route & Switch) certification – Extensive experience in IP Networks...
$15,000 - $18,000
...Link-Worldwide en Monterrey busca un especialista en Mercadotecnia con licencia para crear y gestionar campañas publicitarias. El candidato ideal deberá tener al menos 2 años de experiencia y habilidades en diseño web y marketing digital, incluyendo Canva. El puesto...Lunes a viernes- EagleBurgmann in Querétaro is seeking a Cyber Security Analyst who will monitor networks for security issues, investigate breaches, and install protective measures. Responsibilities Document security incidents Support vulnerability assessments Work with international...Trabajo híbrido
- Link-Worldwide is looking for a Cloud Vulnerability Management Analyst to join their team in Querétaro, Mexico. The role entails identifying vulnerabilities in systems, conducting triage, and engaging in remediation activities alongside company partners. The successful...Trabajar en la oficinaTrabajo híbrido
- MANUFACTURAS PETROLERAS – Esta solicitando: Administrador de Redes Sociales. Actividad: Encargarse de las redes sociales de la empresa para poder conectar con nuestros clientes y gestionar todas nuestras plataformas para impulsar nuestra marca. Responsabilidades ...Tiempo completoFin de semanaLunes a viernes
- Link-Worldwide en San Pedro Garza García está buscando un Consultor Comercial con sólida formación en TI. El candidato ideal debe tener al menos 3 años de experiencia en ventas, conocimientos en DLP y herramientas de CRM como Tenable y Excel. Ofrecemos un plan de crecimiento...
$12,500
Link-Worldwide busca un especialista en soporte técnico para su cliente en Cancún, Quintana Roo. El candidato ideal tendrá experiencia en redes y servicio al cliente, realizando tareas que incluyen el soporte técnico y la atención a necesidades de los usuarios. Ofrecemos...$18,000
Link-Worldwide en San Pedro Garza García busca un Especialista 2do Nível con experiencia en Forescout y conocimiento en redes. Las funciones incluyen soporte Nível 2, documentación de tickets y gestión de cambios y upgrades. El puesto es a tiempo completo con horarios...Tiempo completoTrabajo híbridoHorario flexible$11,000 - $14,000.71
Link-Worldwide busca un Especialista IT en San Pedro Garza García, Nuevo León, para facilitar el soporte técnico y la gestión de sistemas. El candidato ideal tendrá experiencia en soporte y reparación de laptops, además de ser capaz de configurar sistemas operativos. ...Remoto$13,000
Link-Worldwide está buscando un especialista en soporte técnico en redes Wifi para brindar atención en campo en Apodaca, Nuevo León. Ofrecemos un ambiente de trabajo sobresaliente con oportunidades de desarrollo y certificaciones. Los candidatos deben tener entre 6 ...- Link-Worldwide in Querétaro is looking for a Cyber Security Analyst to monitor networks for issues, investigate security breaches, and implement protective measures. The ideal candidate will have a Bachelor's degree in computer science and at least 3 years of relevant ...Trabajo híbrido
$16,000 - $20,000
Link-Worldwide busca un Administrador de Sistemas para su equipo en San Pedro Garza García, N.L. El puesto implica la administración y mantenimiento de servidores, redes, y servicios de hosting, asegurando la continuidad de los servicios de TI. Requerimos experiencia...- Link-Worldwide is seeking a Tech Support Manager in Apodaca, Nuevo León, to lead a team of technical support engineers. You will focus on delivering high-quality support for networking products while ensuring customer satisfaction through effective troubleshooting and ...
- ...incidents Develop base statistical methods to display cybersecurity risk Hunt for new vulnerabilities Perform security penetration tests on networks, web‑based applications, and computer systems Create findings and reports to application owners and management...Trabajar en la oficinaTrabajo híbridoLunes a jueves
- Samsung SDS Latin America busca un Analista sénior de infraestructura, redes y seguridad en Querétaro, México. El profesional se encargará de la operación de infraestructura de red, instalación y monitorización de dispositivos, y resolución de problemas de seguridad. ...
¿Desea recibir más vacantes?
Suscríbase y reciba vacantes similares a Penetration Tester (Monterrey). ¡Sea el primero en aplicar!

