Senior Penetration Tester (Red Team Focus): Remote (USA): Independent Contractor Only

Overview

Remote
Depends on Experience
Contract - W2
Contract - Independent
Contract - 12 Month(s)
No Travel Required
Unable to Provide Sponsorship

Skills

OSCP
OWASP
Penetration Testing
Python

Job Details

Job Title: Senior Penetration Tester (Red Team Focus)
Location: Remote (USA)
Duration: Long-term Contract
Employment Type: Independent Contractor Only

Job Summary: We are seeking a highly skilled and certified Penetration Tester for a long-term remote engagement. The ideal candidate has over 3 years of hands-on experience focusing on web applications, APIs, and adversary simulation. You must be an independent contractor with the ability to legally work in the United States without sponsorship.

Key Responsibilities:

  • Execute hands-on penetration testing with a specific focus on Web Applications and APIs.

  • Participate in Red Team engagements and adversary simulation exercises.

  • Identify and exploit vulnerabilities including XSS, SQLi, CSRF, SSRF, authentication/authorization flaws, and business logic issues.

  • Collaborate with Blue Teams for Purple Team exercises to improve organizational security posture.

  • Utilize industry-standard tools (Burp Suite, Nmap, Metasploit) and develop custom scripts to identify security weaknesses.

  • Document and present findings clearly to both technical and non-technical stakeholders.

Required Qualifications:

  • Education: Bachelor’s Degree is required.

  • Experience: 3+ years of professional penetration testing experience.

  • Work Authorization: Must be legally authorized to work in the United States without the need for employment sponsorship now or in the future.

  • Contract Status: Must be willing to work as an Independent Contractor.

Technical Skills & Expertise:

  • Methodologies: Deep understanding of the OWASP Top 10, web application security architecture, and common attack vectors.

  • Tools: Proficiency with Burp Suite, Nmap, Metasploit, and similar offensive tools.

  • Scripting: Experience with Python, PowerShell, Bash, or similar for tool customization and automation.

  • Advanced Domains: Experience with Cloud-based application testing, Mobile application security, or Social Engineering is highly preferred.

Mandatory Certifications: Candidates must hold the following certifications:

  • OSCP (Offensive Security Certified Professional)

  • OSWE (Offensive Security Web Expert)

  • CRTO (Certified Red Team Operator)

Soft Skills:

  • Excellent written and verbal communication skills.

  • Ability to translate complex technical findings into actionable business insights.

About Source Code Technologies LLC