Penetration Tester, Red Team (Application Security)

locations Manila (Flexible) time type Full time posted on Posted Today job requisition id JR111227

Be the one building AI-powered experiences where they matter most.

At Genesys, we help organizations create better customer experiences through AI-powered experience orchestration. Our platform connects people, systems, data and AI to help organizations deliver more personalized service, improve operational efficiency and build stronger customer relationships.

Help build, support and operate technology used by more than 8,000 organizations in over 100 countries – moving AI from possibility to production in real-world enterprise environments every day.

The Role:

The Penetration Tester, Red Team (Application Security) is a member of the Information Security team that provides security testing and risk management support for web applications, APIs, and modern application environments. The successful candidate will contribute to the organization’s application security posture through structured penetration testing activities and will work collaboratively with engineering and security teams to identify, validate, and help remediate vulnerabilities.

This role requires the ability to work with limited day-to-day guidance on assigned tasks while continuing to develop technical expertise in penetration testing methodologies, tooling, and reporting. The candidate will contribute to ongoing improvements in testing processes, stay informed on emerging threats, and support the organization’s overall application security strategy. This position will report directly to the Red Team Program Lead and will be responsible for the following:

• Support the planning and execution of penetration testing activities for web applications, APIs, and related services using established methodologies.
• Perform both automated and manual testing, including black-box, gray-box, and white-box approaches.
• Identify vulnerabilities related to authentication, authorization, session management, input validation, business logic, and API security.
• Develop or utilize scripts and tools to support testing activities and improve operational efficiency.
• Contribute to professional reporting, including technical findings, risk analysis, and remediation guidance.
• Collaborate with engineering, DevOps, and security teams to support vulnerability remediation and risk reduction efforts.
• Support ongoing improvements to penetration testing processes, methodologies, and tooling.
• Stay current on emerging threats, vulnerabilities, and techniques, including modern application and AI-related risks.

The Penetration Tester, Red Team (Application Security) will be responsible for working within established frameworks for project delivery, escalating issues as identified, and completing assigned work according to defined expectations and timelines.

Occasional travel may be required.

Qualifications:

• Minimum 2 years of hands-on penetration testing, application security, or related cybersecurity experience
• Experience testing web applications and APIs using both automated tools and manual techniques
• Strong understanding of OWASP Top 10 and common web application vulnerabilities
• Experience with security testing tools such as Burp Suite, OWASP ZAP, or equivalent
• Basic proficiency with scripting languages (e.g., Python, Bash, PowerShell)
• Strong understanding of web technologies (HTTP/S, REST APIs) and networking fundamentals
• Ability to clearly explain issues and contribute to professional reporting for both technical and non-technical audiences
• Self-driven to stay current with evolving security threats, tools, and techniques
• Strong analytical, problem-solving, and interpersonal skills
• Ability to work both independently with limited guidance and collaboratively within a team environment
• Ethical character with the ability to handle sensitive information confidentially
• Passion for cybersecurity and a commitment to continuous learning

Preferred Qualifications:

• Experience assessing AI-enabled applications, including Large Language Models (LLMs) and API-driven systems
• Familiarity with frameworks such as OWASP Top 10 for LLM Applications, MITRE ATLAS, and NIST AI Risk Management Framework (AI RMF)
• Understanding of AI-related risks such as prompt injection, data leakage, and model abuse
• Exposure to AI security testing tools such as Garak, PyRIT, Promptfoo, Llama Guard, or similar frameworks
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent practical experience

#LI-PR1

#LI-Hybrid

Working at Genesys

• AI at enterprise scale – Build, support and operate AI-powered technology used by more than 8,000 organizations worldwide. 150+ new AI features were released in the last fiscal year.
• A flexible-first culture – Join a global team of nearly 7,000 employees with flexible ways of working designed to help people do their best work.
• Growth in the AI era – Build future-ready skills through mentorship, learning programs, leadership development and education support.
• Time to recharge and give back – Benefits include paid volunteer time, August Free Fridays, well-being resources and regionally tailored programs for employees and their families.
• Recognized globally – Genesys is Great Place to Work certified in 17 countries and 94% of employees are proud to tell others they work at Genesys.

Learn more about our culture, AI innovation and sustainability commitments through our Careers site and Sustainability Report.

What Happens After You Apply

After you apply, here's what you can typically expect:

• Our Talent Acquisition team reviews your application with the hiring team.
• A Talent Acquisition Partner will review your application and, if your background is aligned, schedule a Zoom interview.
• Next, you'll meet the hiring manager and other members of the interview team.
• We aim to keep the process focused and respectful of your time, with no more than five interviews in most cases.
• After interviews are complete, our team will follow up with the final steps.

Every application is reviewed by a person. Response times may vary by role and location, but our team will keep you informed throughout the process.

Stay Connected

Stay connected to learn more about how we're applying AI to customer and employee experience challenges and get notified when relevant opportunities become available.

Get notified about relevant opportunities.

Be the one building what's next - where AI, experience and impact come together.

Employee Referral

If a Genesys employee referred you, please apply using the link they shared so we can connect your application to their referral.

About Genesys:

Genesys empowers more than 8,000 organizations worldwide to create the best customer and employee experiences. With agentic AI at its core, Genesys Cloud is the AI-Powered Experience Orchestration platform that connects people, systems, data and AI across the enterprise. As a result, organizations can drive customer loyalty, growth and retention while increasing operational efficiency and teamwork across human and AI workforces. To learn more, visit www.genesys.com.

Reasonable Accommodations:

If you require a reasonable accommodation to complete any part of the application process, or are limited in your ability to access or use this online application and need an alternative method for applying, you or someone you know may contact us at [email protected].

You can expect a response within 24–48 hours. To help us provide the best support, click the email link above to open a pre-filled message and complete the requested information before sending. If you have any questions, please include them in your email.

This email is intended to support job seekers requesting accommodations. Messages unrelated to accommodation—such as application follow-ups or resume submissions—may not receive a response.

Genesys is an equal opportunity employer committed to fairness in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.

Please note that recruiters will never ask for sensitive personal or financial information during the application phase.