Job Details
📌 Job Title: Penetration Tester
📍 Location: Remote (USA Only)
⏳ Duration: Long-Term Contract
Job Description
We are seeking an experienced Penetration Tester with strong hands-on expertise in assessing and exploiting vulnerabilities across web applications and APIs. The ideal candidate will have proven red-team or adversary simulation experience and the ability to communicate findings clearly to both technical and non-technical stakeholders.
Responsibilities
Perform penetration testing on web applications, APIs, and potentially cloud or mobile applications.
Conduct red team engagements and adversary simulation exercises.
Identify, exploit, and document security vulnerabilities including XSS, SQL Injection, CSRF, SSRF, authentication/authorization flaws, and business logic issues.
Utilize industry-standard tools including Burp Suite, Nmap, Metasploit, and custom scripts.
Collaborate with engineering, security, and blue teams to support purple team activities.
Prepare clear, detailed reports and present findings to stakeholders.
Required Qualifications
Bachelor’s Degree required.
Must be legally authorized to work in the U.S. without current or future sponsorship.
3+ years of hands-on penetration testing experience with a strong focus on web apps & APIs.
Strong understanding of OWASP Top 10, application security concepts, and common attack vectors.
Excellent communication skills (written & verbal).
Required Certifications:
OSCP
OSWE
CRTO
Preferred Qualifications
Additional certifications such as OSWEP, CRTO, eJPT.
Experience with cloud application testing, mobile security, social engineering, or threat emulation.
Scripting/programming experience in Python, PowerShell, Bash, etc.
Experience collaborating on purple team initiatives.