Remote Senior Penetration Tester

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Penetration Tester - REMOTE. In this role, you will drive security assessments, helping to identify and mitigate risks across various platforms. You will be at the forefront of safeguarding critical information, working collaboratively with diverse teams to enhance security postures. This position requires technical expertise in penetration testing and offensive security, with the goal of demonstrating real-world risks and providing actionable insights for improvements. Your contributions will be essential in supporting compliance and ensuring robust security practices within the organization.

• Plan, execute, and document penetration tests against networks, systems, web applications, APIs, databases, and cloud environments.
• Conduct internal, external, authenticated, unauthenticated, and adversary-simulation testing activities.
• Perform exploitation, post-exploitation, and privilege escalation to demonstrate real-world risk.
• Validate vulnerability scan findings and identify false positives and chained attack paths.
• Conduct application penetration testing aligned with OWASP Top 10 and NIST guidance.
• Support red team and purple team exercises in coordination with SOC and Incident Response teams.
• Analyze attacker techniques using MITRE ATT&CK and document TTPs and attack paths.
• Develop detailed penetration test reports including executive summaries, risk ratings, and remediation guidance.
• Provide technical remediation guidance to system owners, engineers, developers, and ISSOs.
• Validate remediation effectiveness through retesting and evidence review.
• Support compliance testing requirements related to FISMA, RMF, and continuous monitoring.
• Maintain strict rules of engagement, authorization documentation, and testing approvals.

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Minimum 5–8 years of experience performing penetration testing or offensive security assessments.
• Hands-on experience testing enterprise networks, applications, and cloud environments.
• Strong knowledge of attack techniques, exploitation frameworks, and post-exploitation methods.
• Experience with federal environments and vulnerability management programs preferred.
• Strong understanding of NIST SP 800-53, NIST SP 800-30, and vulnerability management processes.
• Excellent analytical, documentation, and communication skills.
• OSCP, GPEN, CEH, or GXPN preferred.

• Flexible working hours and remote work environment.
• Opportunities for professional development and certifications.
• Collaborative and supportive team culture.
• Access to the latest tools and technologies.
• Comprehensive health insurance and wellness programs.
• Competitive salary and performance-based bonuses.

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role\'s core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.