Job Description
Penetration Testing Engineer (Application, Network & Cloud Security)
Remote
Rate Upto $60/hr on C2C
Position Summary
We are seeking an experienced Penetration Testing Engineer to identify and validate security vulnerabilities across applications, networks, APIs, and cloud environments. The role involves conducting internal and external penetration testing across enterprise systems and simulating real-world attack scenarios to proactively identify and mitigate security risks.
The ideal candidate will have strong experience performing structured penetration testing aligned with recognized security frameworks and experience working in regulated environments such as healthcare.
Key Responsibilities
- Penetration Testing & Security Assessments
- Perform application penetration testing for web, mobile, and API-based applications
- Conduct Internal Network Penetration Testing (INPT) across corporate infrastructure
- Conduct External Network Penetration Testing (ENPT) for internet-facing systems
- Execute cloud security penetration testing across AWS, Azure, or Google Cloud Platform environments
- Identify vulnerabilities related to authentication, authorization, configuration weaknesses, and insecure integrations
- Vulnerability Analysis
- Validate vulnerabilities discovered through automated scanning tools
- Perform manual exploitation and proof-of-concept validation
- Assess risks across network infrastructure, applications, APIs, and cloud services
- Compliance & Framework Alignment
- Conduct testing aligned with security frameworks such as:
- OWASP Top 10
- National Institute of Standards and Technology (NIST)
- PTES (Penetration Testing Execution Standard)
- OSSTMM
- Support environments operating under Health Insurance Portability and Accountability Act (HIPAA) compliance
- Reporting & Documentation
- Prepare detailed penetration testing reports including findings, exploitation methods, risk severity, and remediation recommendations
- Present findings to security and technical stakeholders
- Collaboration
- Work with infrastructure, DevOps, and development teams to remediate vulnerabilities
- Provide recommendations for improving security architecture and configurations
Required Skills
- Penetration Testing
- Web Application Security Testing
- API Security Testing
- Infrastructure Penetration Testing
- Cloud Security Testing
- Internal & External Network Penetration Testing
- ToolsExperience with tools such as:
- Burp Suite
- Metasploit
- Nmap
- Nessus / OpenVAS
- OWASP ZAP
- Wireshark
- Kali Linux
- Cloud & Infrastructure
- Security testing in AWS, Azure, or Google Cloud Platform
- Understanding of network segmentation, firewall rules, and identity management
- Scripting (Preferred)
- Python
- Bash
- PowerShell
- Preferred Certifications
- OSCP (Offensive Security Certified Professional)
- CEH (Certified Ethical Hacker)
- GPEN (GIAC Penetration Tester)
- GWAPT
- CISSP
- Experience Requirements
- 5+ years of penetration testing or offensive security experience
- Experience testing enterprise-scale environments and multi-data center infrastructures
- Experience in regulated industries such as healthcare (HIPAA preferred)
Thanks
Navya
Apply tot his job
Apply To this Job