Overview
On Site
Accepts corp to corp applications
Contract - W2
Contract - Independent
Skills
Checkmarx
Burp Suite
ZAP
AppScan
WebInspect
Acunetix
Job Details
Cerebra Consulting Inc is a System Integrator and IT Services Solution provider with a focus on Big Data, Business Analytics, Cloud Solutions, Amazon Web Services, Salesforce, Oracle EBS, PeopleSoft, Hyperion, Oracle Configurator, Oracle CPQ, Oracle PLM and Custom Application Development. Utilizing solid business experience, industry-specific expertise, and proven methodologies, we consistently deliver measurable results for our customers. Cerebra has partnered with leading enterprise software companies and cloud providers such as Oracle, Salesforce and Amazon, and is able to leverage these partner relationships to deliver high-quality, end-to-end customer solutions that are targeted to the needs of each customer.
Role: Penetration Tester
Location: Minnetonka, MN (Hybrid, 3 days a week)
Contract Duration: 12+ Months
We need at least 1 certification mention in the JD.
Key Responsibilities
- Perform manual and automated penetration testing of web and mobile applications.
- Lead security assessments using DAST and SAST tools (e.g., Burp Suite, ZAP, Checkmarx, AppScan, WebInspect, Acunetix).
- Evaluate and secure cloud environments (AWS and Azure) including EC2, S3, RDS, VNets, and Azure DevOps pipelines.
- Conduct API security reviews, enforce secure coding practices, and validate implementations against best practices.
- Perform code reviews in Python, Java, PHP, Perl, and Objective-C to identify vulnerabilities.
- Provide architecture-level feedback on SSL/TLS, networking, load balancing, and ACL configurations.
- Develop and maintain Application Security Programs with a focus on CI/CD integration and secure SDLC.
- Lead scoping calls with stakeholders, define testing approaches, and present findings/reports.
- Actively research emerging exploits and contribute to vulnerability discovery (e.g., CTF, Hack the Box).
- Collaborate with engineering and product teams to ensure remediation strategies are adopted.
Required Skills
- 8+ years of experience.
- Strong knowledge of OWASP Top 10, NIST, and secure SDLC.
- Proficiency in penetration testing tools: Burp Suite, Metasploit, ZAP, Checkmarx, AppScan.
- Hands-on cloud security expertise in AWS (EC2, S3, RDS, KMS) and Azure security architecture.
- Strong programming background in Python, Java, PHP, Perl, Objective-C for code review and exploit development.
- In-depth knowledge of network security concepts: SSL/TLS, TCP/IP, ACLs, routing, load balancing.
- Familiarity with LAMP, LEMP, and MEAN stacks from a security perspective.
- Excellent communication skills for both technical and business stakeholders.
Required Certifications
- OSCP / OSWA / CEH, or SANS (GWAPT, GPEN, GWEB)
Syed Waseem
Technical Recruiter
Cerebra Consulting Inc, 270 Lancaster Ave, Suite-D2, Malvern, PA 19355
PARTNERS| Oracle | Amazon | Salesforce | Hortonworks | Cloudera | Map
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.