Job Description
Job Title: Senior Penetration Tester (Red Team Focus)
Location: Remote (USA)
Duration: Long-term Contract
Employment Type: Independent Contractor Only

Job Summary:
We are seeking a highly skilled and certified Penetration Tester for a long-term remote engagement. The ideal candidate has over 3 years of hands-on experience focusing on web applications, APIs, and adversary simulation. You must be an independent contractor with the ability to legally work in the United States without sponsorship.

Key Responsibilities:
• Execute hands-on penetration testing with a specific focus on Web Applications and APIs.
• Participate in Red Team engagements and adversary simulation exercises.
• Identify and exploit vulnerabilities including XSS, SQLi, CSRF, SSRF, authentication/authorization flaws, and business logic issues.
• Collaborate with Blue Teams for Purple Team exercises to improve organizational security posture.
• Utilize industry-standard tools (Burp Suite, Nmap, Metasploit) and develop custom scripts to identify security weaknesses.
• Document and present findings clearly to both technical and non-technical stakeholders.

Required Qualifications:
• Education: Bachelor's Degree is required.
• Experience: 3+ years of professional penetration testing experience.
• Work Authorization: Must be legally authorized to work in the United States without the need for employment sponsorship now or in the future.
• Contract Status: Must be willing to work as an Independent Contractor.

Technical Skills & Expertise:
• Methodologies: Deep understanding of the OWASP Top 10, web application security architecture, and common attack vectors.
• Tools: Proficiency with Burp Suite, Nmap, Metasploit, and similar offensive tools.
• Scripting: Experience with Python, PowerShell, Bash, or similar for tool customization and automation.
• Advanced Domains: Experience with Cloud-based application testing, Mobile application security, or Social Engineering is highly preferred.

Mandatory Certifications:
Candidates must hold the following certifications:
• OSCP (Offensive Security Certified Professional)
• OSWE (Offensive Security Web Expert)
• CRTO (Certified Red Team Operator)

Soft Skills:
• Excellent written and verbal communication skills.
• Ability to translate complex technical findings into actionable business insights.