Penetration Testing Engineer (Application, Network & Cloud Security) || Remote || Rate Upto $60/hr on C2C

Position Summary

We are seeking an experienced Penetration Testing Engineer to identify and validate security vulnerabilities across applications, networks, APIs, and cloud environments. The role involves conducting internal and external penetration testing across enterprise systems and simulating real-world attack scenarios to proactively identify and mitigate security risks.

The ideal candidate will have strong experience performing structured penetration testing aligned with recognized security frameworks and experience working in regulated environments such as healthcare.

Key Responsibilities

Penetration Testing & Security Assessments

• Perform application penetration testing for web, mobile, and API-based applications

• Conduct Internal Network Penetration Testing (INPT) across corporate infrastructure

• Conduct External Network Penetration Testing (ENPT) for internet-facing systems

• Execute cloud security penetration testing across AWS, Azure, or Google Cloud Platform environments

• Identify vulnerabilities related to authentication, authorization, configuration weaknesses, and insecure integrations

Vulnerability Analysis

• Validate vulnerabilities discovered through automated scanning tools

• Perform manual exploitation and proof-of-concept validation

• Assess risks across network infrastructure, applications, APIs, and cloud services

Compliance & Framework Alignment

• Conduct testing aligned with security frameworks such as:

  • OWASP Top 10

  • National Institute of Standards and Technology (NIST)

  • PTES (Penetration Testing Execution Standard)

  • OSSTMM

• Support environments operating under Health Insurance Portability and Accountability Act (HIPAA) compliance

Reporting & Documentation

• Prepare detailed penetration testing reports including findings, exploitation methods, risk severity, and remediation recommendations

• Present findings to security and technical stakeholders

Collaboration

• Work with infrastructure, DevOps, and development teams to remediate vulnerabilities

• Provide recommendations for improving security architecture and configurations

Required Skills

Penetration Testing

• Web Application Security Testing

• API Security Testing

• Infrastructure Penetration Testing

• Cloud Security Testing

• Internal & External Network Penetration Testing

Tools
Experience with tools such as:

• Burp Suite

• Metasploit

• Nmap

• Nessus / OpenVAS

• OWASP ZAP

• Wireshark

• Kali Linux

Cloud & Infrastructure

• Security testing in AWS, Azure, or Google Cloud Platform

• Understanding of network segmentation, firewall rules, and identity management

Scripting (Preferred)

• Python

• Bash

• PowerShell

Preferred Certifications

• OSCP (Offensive Security Certified Professional)

• CEH (Certified Ethical Hacker)

• GPEN (GIAC Penetration Tester)

• GWAPT

• CISSP

Experience Requirements

• 5+ years of penetration testing or offensive security experience

• Experience testing enterprise-scale environments and multi-data center infrastructures

• Experience in regulated industries such as healthcare (HIPAA preferred)

Thanks

Navya