Can I apply directly for this job on this page?

Yes, you can begin your application on this page using a quick form. You'll then be redirected to the employer's career site to complete the full application process.

What is the role of a Azure Penetration Test Engineer at Atmosera?

The Azure Penetration Test Engineer position at Atmosera is a Full-time or part-time position opportunity in the Engineering field.

Where is this Azure Penetration Test Engineer job located?

Remote - LATAM, Other / Non-US, Other

What type of employment is offered for this Azure Penetration Test Engineer role?

Full-time or part-time position

What is the expected salary for this Azure Penetration Test Engineer job?

Compensation will be discussed during the hiring process.

Azure Penetration Test Engineer job near me in Remote - LATAM, Other / Non-US at Atmosera | Jobs and Employment

Azure Penetration Test Engineer

Atmosera empowers businesses to redefine what's possible with modern technology and human expertise. Our exceptional experience across Applications, Data & AI, DevOps, Security, and the Microsoft Azure platform enables organizations to accelerate innovation, enhance security, and optimize operational agility. As a Microsoft Partner with seven specializations, GitHub AI Partner of the Year, a member of the GitHub Advisory Board, and a member of the prestigious Microsoft Intelligent Security Association (MISA), Atmosera expertly delivers cutting-edge, integrated solutions that deliver business value.

The Azure Penetration Test Engineer is responsible for conducting authorized security testing against Microsoft Azure and Microsoft 365 environments to identify, exploit, and document security weaknesses. This role focuses on cloud-native attack paths, identity compromise, misconfigurations, and exposure risks specific to Azure infrastructure-as-a-service, platform-as-a-service, and SaaS workloads.

The engineer operates as a trusted advisor to security, engineering, and leadership teams by producing actionable findings, validating remediation effectiveness, and aligning testing activities with industry frameworks such as NIST, MITRE ATT&CK, and Microsoft cloud security best practices. This role requires strong handson technical depth, professional reporting skills, and the ability to work independently within defined rules of engagement.

Key Responsibilities

Penetration Testing and Offensive Security

Conduct penetration tests against Azure and M365 environments, including but not limited to:

Azure AD and Entra ID identity and access configurations
Privileged role assignments and conditional access policies
Azure App Services, Function Apps, Storage Accounts, SQL, Key Vault, and API endpoints
Virtual networks, NSGs, private endpoints, service endpoints, and hybrid network integrations
Microsoft 365 services including Exchange Online, SharePoint Online, Teams, and OneDrive

Simulate realworld attacker techniques, including credential theft, token abuse, privilege escalation, lateral movement, and persistence within Azure and M365 environments.

Validate security controls implemented across Defender for Cloud, Defender for Identity, Defender for Endpoint, and Sentinel detection pipelines.

Identity and Access Attack Scenarios

Assess identity attack surfaces including:

Service principals, managed identities, and application registrations
OAuth consent abuse and Graph API permission misuse
Legacy authentication exposure and password spraying susceptibility
Privileged Identity Management configuration gaps

Demonstrate practical attack paths that result in data access, privilege escalation, or persistent control.

Reporting and Documentation

Produce clear, professional penetration test reports that include:

Executive summaries suitable for leadership review
Reproducible technical findings with evidence and attack chains
Risk ratings aligned to organizational risk models
Remediation guidance mapped to Azure and Microsoft security best practices

Present findings directly to security leadership and technical stakeholders as required.

Collaboration and Advisory Support

Work closely with:

Security Operations teams to validate detection coverage
Cloud engineering teams to confirm remediation feasibility
GRC teams to align findings with compliance requirements such as SOC 2, ISO 27001, and NIST 80053

Provide retesting and validation support following remediation efforts.

Continuous Improvement

Stay current on emerging Azure attack techniques, Microsoft security platform changes, and cloud exploitation research.

Contribute to internal penetration testing methodologies, tooling, and runbooks.

Required Qualifications

Minimum 5 years of professional penetration testing or offensive security experience
Strong handson experience testing Microsoft Azure and Microsoft 365 environments
Deep understanding of Azure AD and Entra ID security models
Proficiency with common penetration testing tools and techniques, including PowerShell, Azure CLI, Graph API, and cloudspecific testing frameworks
Strong knowledge of networking fundamentals, identity protocols, and authentication flows
Demonstrated ability to write highquality technical and executivelevel reports

Preferred Qualifications

Relevant certifications such as OSCP, AZ500, SC100, CRTO, or equivalent
Experience in consulting, MSSP, or regulated enterprise environments
Familiarity with Microsoft Sentinel and Defender XDR telemetry
Experience aligning penetration testing findings to NIST AI RMF, NIST CSF, or MITRE ATT&CK Cloud Matrix

Competencies and Attributes

High degree of professional judgment and ethical responsibility
Strong written and verbal communication skills
Ability to operate independently within defined rules of engagement
Methodical and evidencedriven testing approach
Strong attention to detail and risk prioritization

Working Conditions

This role may require participation in authorized testing windows, coordination across time zones, and occasional afterhours testing based on client or organizational requirements.

This is a contractor position in the United States with the ability to work from home but may require travel to a client site.

Atmosera is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. All employment is decided on the basis of qualifications, merit, and business need.

Azure Penetration Test Engineer in Remote - LATAM at Atmosera

Explore Related Opportunities

Job Description

Scan to Apply

Job Location

Frequently asked questions about this position