Senior Penetration Tester
Software Engineer (Engineering)
5 - 10 yrs
Full Time
$80,000 - $85,000
Overview

We're hiring a Senior Penetration Tester with a strong background in network penetration testing. In this role, you'll lead assessments, simulate attacker behavior, and produce deliverables to improve clients' security posture.

Responsibility
  • Plan and execute internal and external network penetration tests (cloud, on- premise, hybrid)
  • Perform reconnaissance, exploitation, lateral movement, and post-exploitation activities
  • Deliver well-written, technically sound reports with risk summaries and mitigation advice
  • Participate in client calls, including kickoffs, status updates, remediation meetings, and executive reviews
  • Maintain clear written communication with clients during the engagement
  • Support the sales team with scoping, effort estimation, and technical input
  • Stay current with attacker tools, techniques, and threat trends
  • Contribute to web or mobile application testing projects as needed
Ideal Candidate Qualities
  • A Senior Penetration Tester with a strong background in network penetration testing. The ideal candidate is highly professional, communicative, and technically capable.
Requirements
  • Fluent in English with excellent communication skills (written and verbal)
  • Completion of practical labs (e.g., Hack The Box, TryHackMe, OffSec Proving Grounds)
  • Professional experience in network penetration testing, red teaming, or adversary simulation
  • Strong knowledge of Active Directory, network protocols, common misconfigurations, and lateral movement techniques
  • Proficiency with tools such as Nmap, BloodHound, NetExec, Cobalt Strike, Sliver, or similar
  • Comfortable leading client engagements independently and representing the company in a consultative capacity
Would love to see
  • Experience in web or mobile application testing, including OWASP Top 10, WSTG, or MASVS methodologies
  • Familiarity with tools such as Burp Suite, ZAP, Postman, Fiddler, browser dev tools, or mobile proxies
  • Understanding of common vulnerabilities like IDOR, CSRF, XSS, insecure storage, etc.
  • Scripting or tooling experience (e.g., Python, PowerShell, Go)
  • Industry certifications such as OSCP, OSEP, PNPT, CRTP, or similar
  • Public contributions (e.g., writeups, tools, blogs, research)
  • Experience mentoring team members or speaking at meetups/conferences

About this Job

Job posted

Jul 01, 2025

Job type

Full Time,

Locations

Canada, Mexico, Brazil

Primary role

Software Engineer

Skills Needed

NmapCross-browser testing

About Company

Industry

Technology

Company size

10-50

Apply to top-paying remote full-time jobs

Become a part of cosmogence talent pool.