Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.
Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture.
Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers.
Lead the technical review and quality assurance of automated internal and external network vulnerability and penetration testing reports, identifying systemic gaps, false positives/negatives, and complex attack paths requiring advanced validation.
Design, execute, and document advanced exploitation and post-exploitation techniques not covered by the automated penetration testing platform, including multi-step attack chains and privilege escalation paths.
Serve as a subject-matter expert for exploitation methodologies, providing actionable feedback, bug reports, and architectural improvement recommendations to the automation and engineering teams.
Define, document, and maintain a knowledge base of exploitation and post-exploitation techniques, ensuring consistency, repeatability, and alignment with real-world attacker behavior.
Partner closely with the automation team to identify, model, and formalize attacker vectors not yet supported by the platform, translating manual techniques into automation-ready logic.
Design, develop, and maintain custom tooling to support exploitation, post-exploitation, and reporting workflows, with an emphasis on reliability, scalability, and reusability.
Develop and maintain automation scripts and proof-of-concept exploits (Ruby, Python, Bash) to eliminate repetitive manual testing, validate complex attack scenarios, and extend platform capabilities.
Drive continuous improvement of the pentest QA process by proposing new procedures, tooling, and standards that increase accuracy, reduce noise, and improve signal quality in assessment outputs.
Act as a technical mentor and reviewer for less-experienced pentesters, raising overall quality and consistency of exploitation and reporting practices.
3+ years of hands-on network security and penetration testing experience in a professional environment, with demonstrated depth in exploitation and post-exploitation.
Strong mastery of network security fundamentals and attacker tradecraft, including exploitation of common enterprise protocols such as SMB, Kerberos, LDAP, FTP, Telnet, SSH, SMTP, RDP, and NFS.
Deep understanding of network and web protocols, including TCP/IP, UDP, IPSEC, HTTP/HTTPS, and routing concepts, with the ability to identify subtle misconfigurations and abuse paths.
Extensive experience with industry-standard penetration testing tools, such as Kali Linux, Metasploit, Burp Suite, Impacket, CrackMapExec, Responder, BloodHound, Mimikatz, Kerbrute, and similar frameworks.
Proven expertise in Active Directory security assessments, including enumeration, privilege escalation, lateral movement, and domain compromise techniques.
Strong programming and scripting skills, with Ruby or Python proficiency preferred; ability to rapidly prototype tools, exploits, and automation.
Advanced experience with Unix/Linux systems, shell environments, and scripting (sh, bash, zsh).
Demonstrated ability to think like an attacker, prioritize risk, and translate complex technical findings into actionable insights for engineering and automation teams.
Join the Kaseya growth rocket ship and see how we are #ChangingLives !
Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.