Senior Penetration Tester (Red Team Focus): Remote (USA): Independent Contractor Only

Job Title: Senior Penetration Tester (Red Team Focus) Location: Remote (USA) Duration: Long-term Contract Employment Type: Independent Contractor Only Job Summary: We are seeking a highly skilled and certified Penetration Tester for a long-term remote engagement. The ideal candidate has over 3 years of hands-on experience focusing on web applications, APIs, and adversary simulation. You must be an independent contractor with the ability to legally work in the United States without sponsorship. Key Responsibilities: • Execute hands-on penetration testing with a specific focus on Web Applications and APIs. • Participate in Red Team engagements and adversary simulation exercises. • Identify and exploit vulnerabilities including XSS, SQLi, CSRF, SSRF, authentication/authorization flaws, and business logic issues. • Collaborate with Blue Teams for Purple Team exercises to improve organizational security posture. • Utilize industry-standard tools (Burp Suite, Nmap, Metasploit) and develop custom scripts to identify security weaknesses. • Document and present findings clearly to both technical and non-technical stakeholders. Required Qualifications: • Education: Bachelor’s Degree is required. • Experience: 3+ years of professional penetration testing experience. • Work Authorization: Must be legally authorized to work in the United States without the need for employment sponsorship now or in the future. • Contract Status: Must be willing to work as an Independent Contractor. Technical Skills & Expertise: • Methodologies: Deep understanding of the OWASP Top 10, web application security architecture, and common attack vectors. • Tools: Proficiency with Burp Suite, Nmap, Metasploit, and similar offensive tools. • Scripting: Experience with Python, PowerShell, Bash, or similar for tool customization and automation. • Advanced Domains: Experience with Cloud-based application testing, Mobile application security, or Social Engineering is highly preferred. Mandatory Certifications: Candidates must hold the following certifications: • OSCP (Offensive Security Certified Professional) • OSWE (Offensive Security Web Expert) • CRTO (Certified Red Team Operator) Soft Skills: • Excellent written and verbal communication skills. • Ability to translate complex technical findings into actionable business insights. Apply tot his job