Back to positions

Web Application Penetration Tester – Cybersecurity Remote

Remote role Full-time Open position

Job Description:

  • Conduct penetration testing, ethical hacking, and security assessments on web applications, networks, cloud infrastructures (AWS, Azure, GCP), and enterprise IT environments.
  • Identify and exploit vulnerabilities such as SQL Injection (SQLi), Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), Remote Code Execution (RCE), and Insecure Direct Object References (IDOR).
  • Perform network security assessments, including port scanning, vulnerability analysis, privilege escalation, and Active Directory (AD) security testing.
  • Utilize cybersecurity tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, Acunetix, Kali Linux, and BloodHound for in-depth security evaluations.
  • Develop and execute custom scripts, automation tools, or exploits for penetration testing scenarios.
  • Conduct post-exploitation analysis, privilege escalation, and persistence techniques.
  • Provide detailed security reports, risk assessments, remediation plans, and mitigation strategies to enhance security posture.
  • Stay updated on zero-day vulnerabilities, exploit development, cloud security threats, and emerging cyberattack techniques.

Requirements:

  • Hands-on experience in penetration testing, web security, vulnerability assessments, and red teaming.
  • Strong understanding of ethical hacking methodologies including OSSTMM, OWASP Top 10, PTES, NIST, MITRE ATT&CK, and CIS Benchmarking.
  • Proficiency in web application security testing, cloud security (AWS, Azure, GCP), and API security.
  • Experience in network security, firewall evasion, social engineering, and Wi-Fi security testing.
  • Knowledge of reverse engineering, malware analysis, exploit development, and buffer overflow techniques is a plus.
  • Familiarity with Active Directory attacks, Kerberoasting, Pass-the-Hash, Mimikatz, BloodHound, and PowerShell Empire is highly desirable.
  • Proficiency in scripting/programming (Python, Bash, PowerShell, JavaScript, or C) for security automation and exploit development.
  • Relevant certifications such as OSCP, OSCE, OSEP, CRTP, CEH, GPEN, CISSP, eWPTX, or GXPN are highly preferred.

Benefits: Apply To This Job

Apply

Further positions

Staff Technical Program Manager, Monetization Data Science

Remote role Full-time

Remote Senior Scrum Master, Agile Delivery (Enterprise Data / Transformation)

Remote role Full-time

Scrum Master Remote / Telecommute Jobs

Remote role Full-time

Product Designer – New User Experience (Fintech / Payments)

Remote role Full-time

Staff Product Designer – Platform, Design Systems

Remote role Full-time

Freelance Illustrator – Fashion Brand (Remote)

Remote role Full-time

Opportunity || Motion Designer || Remote (PST hours preferred).

Remote role Full-time

Grant Researcher & Grant Writer Needed – Environmental Nonprofit / Reforestation Project - Contract to Hire

Remote role Full-time

B2B Marketing Manager(Remote US)

Remote role Full-time

Data Entry Specialist (FedEx Jobs) - Remote, Part-Time, No Experience Required

Remote role Full-time

Technical Accounting Expert — Revenue Recognition & Leases - AI Research

Remote role Full-time

Gestionnaire du développement logiciel

Remote role Full-time

Experienced Special Needs Healthcare Customer Advisor – National Remote

Remote role Full-time

Experienced Data Entry Clerk Night Shift – Remote Opportunity at arenaflex

Remote role Full-time

Salesforce Developer (Remote - must be in the MD/DC/VA area )

Remote role Full-time

Experienced Full Stack Windows Administrator and Automation Developer – Web & Cloud Application Development

Remote role Full-time

Warehouse Material Handler - 3rd shift

Remote role Full-time

Experienced Live Chat Support Agent – Remote Customer Service Representative

Remote role Full-time

Experienced Data Entry Operator & Office Administrator – Remote US Team Member

Remote role Full-time

Lead Technology Project & Program Manager

Remote role Full-time