Job Details
Job Title: Cybersecurity Engineer 3 (Penetration Tester)
Location: 100% Remote (time zone flexibility; PST not required)
Team: Join a team of 8 other penetration testers; work is largely independent.
Degree: Not required if equivalent experience is demonstrated.
Hiring Process: 2-3 rounds of interviews
Round 1: Behavioral based with hiring manager (light technical)
Round 2: Technical interview with team members
Round 3 (if needed): Additional technical deep dive
Job Description
The Penetration Tester will be part of the Corporate Information Security (CIS) Security Operations team and play a key role in attack surface management of global computing assets. This role focuses heavily on web application penetration testing, identifying security gaps, and delivering clear, actionable reports to stakeholders for remediation.
The ideal candidate is hands-on, detail-oriented, and brings strong ethical standards to ensure systems are protected against real-world threats.
Key Responsibilities
- Perform web application, API, and network penetration testing within defined scope and rules of engagement.
- Conduct deep-dive assessments on web applications to identify vulnerabilities and potential exploit paths.
- Document findings with strong written communication, preparing detailed reports to guide remediation.
- Provide technical guidance for remediation of findings, collaborating with other CIS teams as necessary.
- Partner with CIS groups such as Incident Response, Governance, Risk, and Threat Intelligence to support overall security initiatives.
Qualifications
- 4+ years of IT professional experience, with 2+ years specifically in penetration testing.
- Strong understanding of application development, networking, systems administration, and security practices.
- Hands-on experience with Burp Suite for web application testing.
- Solid knowledge of web application development, common vulnerabilities, and remediation techniques.
- Familiarity with open-source and commercial testing tools (e.g., web interception proxies, packet capture, debugging, API interaction).
- Experience performing security tasks in cloud environments (AWS or Azure).
- Excellent verbal and especially written communication skills for reporting technical findings.
- Self-motivated, highly ethical, with strong urgency, accountability, and integrity.
Preferred Qualifications
- Certifications such as GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Professional (OSCP), or GIAC Penetration Tester (GPEN).
- Experience working in large-scale environments with diverse technologies.
- Ability to automate technical tasks using APIs or scripting.
Best regards,
Adnan
Talent Acquisition Team
The Planet Group