SENIOR PENETRATION TESTER
Jobgether
Full-timesenior€115,000-150,000/year
Job description
Accountabilities:
In this role, you will lead and execute advanced penetration testing activities across enterprise systems, with a strong focus on identifying vulnerabilities, validating security controls, and improving overall cyber defense posture.
• Conduct end-to-end penetration testing on web applications, APIs, and backend systems, including authentication, authorization, and business logic testing
• Analyze system architecture, network behavior, and application workflows to identify exploitable weaknesses and security gaps
• Simulate advanced persistent threats and adversary tactics to assess system resilience and detection capabilities
• Document findings in detailed technical reports and communicate risks clearly to both technical and non-technical stakeholders
• Collaborate with engineering and security teams to support remediation, validation testing, and security improvement efforts
• Stay current with emerging vulnerabilities, exploit techniques, and offensive security methodologies
• Develop scripts and automation to enhance testing efficiency and repeatability where applicable
• Contribute to security research, proposal efforts, and enterprise cybersecurity initiatives
Requirements
The ideal candidate brings strong hands-on penetration testing experience, deep technical security knowledge, and the ability to communicate complex findings clearly across teams.
• 4–5+ years of experience in cybersecurity with at least 3 years focused on penetration testing, vulnerability assessment, or adversary simulation
• Strong understanding of OWASP Top 10, API Security Top 10, and common web and application attack vectors
• Hands-on experience with tools such as Kali Linux, Burp Suite, Metasploit, and related security frameworks
• Experience testing APIs and web services (REST, SOAP, JSON, XML, token-based authentication)
• Solid understanding of operating systems (Windows, Linux, macOS), Active Directory, and network protocols (TCP/IP, DNS, HTTP/S, etc.)
• Ability to produce clear, structured technical reports and communicate findings effectively to diverse audiences
• Familiarity with NIST and FISMA frameworks and compliance requirements
• Basic scripting/automation skills for security testing workflows
• Experience working in collaborative security environments (SOC, red team, or cyber defense operations)
• Bachelor’s degree in a related field or equivalent professional experience
• Active or obtainable Public Trust clearance required
Preferred qualifications include certifications such as OSCP, GPEN, GWAPT, CEH, or similar, as well as experience with exploit development, threat emulation, or advanced persistent threat analysis.
Benefits
• Remote-first work arrangement within the United States
• Competitive annual salary range: $115,000 – $150,000
• Opportunity to support high-impact national cybersecurity initiatives
• Exposure to advanced threat environments and enterprise-scale systems
• Collaborative, mission-driven security engineering culture
• Professional growth in offensive security and advanced penetration testing domains
• Eligibility for clearance sponsorship (subject to approval).
How Jobgether works:
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Why Apply Through Jobgether?
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
#LI-CL1