Senior Penetration Tester - Application Security

Our client is seeking a highly skilled and motivated Senior Penetration Tester to join their elite cybersecurity team. This is a fully remote position, allowing you to contribute to global security efforts from your home office. You will be responsible for conducting in-depth penetration tests on web applications, APIs, mobile applications, and cloud environments to identify vulnerabilities and provide actionable remediation recommendations. The ideal candidate will have a deep understanding of common attack vectors, exploitation techniques, and security assessment methodologies. You will play a critical role in strengthening the security posture of our client's digital assets and protecting them from cyber threats. This role requires a passion for offensive security and a commitment to continuous learning in the rapidly evolving cybersecurity landscape.

Key Responsibilities: Conduct comprehensive penetration tests on web applications, APIs, mobile applications, and cloud infrastructure. Identify, analyze, and exploit security vulnerabilities using a variety of tools and techniques. Perform security assessments, vulnerability scans, and code reviews. Develop detailed reports outlining findings, risks, and prioritized remediation recommendations. Collaborate with development and engineering teams to discuss vulnerabilities and assist in remediation efforts. Stay current with the latest security threats, attack vectors, and penetration testing methodologies. Contribute to the development and improvement of the penetration testing program and tools. Research and test new security technologies and approaches. Maintain accurate documentation of test plans, methodologies, and findings. Participate in threat modeling and security architecture reviews. Mentor junior penetration testers and share knowledge within the team. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience. Minimum of 5-7 years of experience in penetration testing and application security. Demonstrated experience with security assessment tools (e.g., Burp Suite, OWASP ZAP, Nessus, Metasploit). In-depth knowledge of common web vulnerabilities (e.g., OWASP Top 10), mobile security risks, and cloud security principles. Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for security automation and tool development. Strong understanding of network protocols, operating systems, and common attack techniques. Relevant security certifications such as OSCP, CEH, CISSP, GPEN, or GWAPT are highly desirable. Excellent analytical, problem-solving, and report-writing skills. Strong communication and interpersonal skills, with the ability to explain complex technical issues clearly. Ability to work independently and manage time effectively in a remote setting. Our client offers a highly competitive salary, comprehensive benefits, and the opportunity to work on challenging security projects with a world-class team. This is an exceptional opportunity for a talented penetration tester to advance their career in a dynamic and rewarding remote role.