BreachLock

BreachLock provides a proactive cybersecurity solution that helps organizations identify and remediate potential vulnerabilities to prevent future cyber breaches.

Professional Services
51-250
Founded 2019

Description

  • Execute manual penetration tests for web applications, APIs, and mobile applications, focusing on business logic flaws, authentication abuse, authorization issues, and injection chains.
  • Conduct internal and external network assessments, including assumed breach simulations.
  • Perform Active Directory enumeration, lateral movement, privilege escalation, and post-exploitation activities during internal testing.
  • Use frameworks such as MITRE ATT&CK, PTES, and OWASP to structure assessments and findings.
  • Develop and improve internal tooling, including automation scripts, reporting utilities, and workflow enhancements using Python, Bash, or similar tools.
  • Participate in QA review cycles and provide feedback on findings, CVSS scoring, and report quality.
  • Mentor junior testers by providing technical guidance and reviewing findings.
  • Collaborate with delivery leadership on scoping, client kickoff calls, and remediation guidance.

Requirements

  • 3–5 years of professional penetration testing experience in a delivery or consulting environment.
  • Strong web application and API testing fundamentals, including Burp Suite proficiency.
  • Experience testing authentication and session management, with knowledge of OWASP Top 10 and beyond.
  • Solid internal network assessment skills, including AD enumeration, Kerberoasting, NTLM relay, ADCS misconfigurations, and assumed breach methodology.
  • Proficiency in scripting and automation with Python, PowerShell, Bash, or similar languages.
  • Strong written communication skills and the ability to write clear, accurate, well-scoped findings independently.
  • Familiarity with PTaaS delivery models or platform-based reporting workflows is a plus.
  • Must be US-based and eligible to work without sponsorship.
  • Preferred experience with C2 frameworks such as Cobalt Strike, Havoc, or Sliver.
  • Active involvement in cybersecurity communities, research, or bug bounty programs is preferred.
  • Certifications such as OSCP, BSCP, CRTO, GWAPT, GPEN, or equivalent practical credentials are preferred.
  • Experience with SIEM platforms or EDR tools from an adversarial perspective is preferred.

Benefits

  • Competitive compensation with performance-based equity opportunities.
  • Flexible work hours with hybrid remote options.
  • Opportunity to work with international cybersecurity experts.
  • Strong career progression in a rapidly expanding early-stage company.
  • Exposure to cutting-edge research, tools, and techniques in offensive security.
