Mid-Level Penetration Tester - 0122 SS #9


Fully Remote Job
Posted On: January 22, 2026
Last Day to Apply: February 05, 2026
Pay: $50.00 per hour

Job Title: Mid-Level Penetration Tester

Work Type: Remote
Contract Duration: 6–12 Months

Job Summary

We are seeking a Mid-Level Penetration Tester who can independently deliver penetration testing engagements while serving as a technical anchor for junior team members. This role combines hands-on technical execution, client-facing communication, and risk-based judgment within enterprise and regulated environments. The position is responsible for ensuring high-quality, end-to-end delivery of penetration testing engagements.

Key Responsibilities

Independent Test Delivery

  • Lead and execute penetration testing engagements, including:

    • External and internal network testing

    • Web application and API security testing

    • Active Directory and identity-based attack paths

    • Cloud security testing across AWS, Azure, and GCP

  • Develop attack paths that simulate real-world adversary behavior.

  • Perform authorized exploitation, post-exploitation, and lateral movement where permitted.

Client Interaction & Engagement Support

  • Participate in pre-engagement scoping and assumptions validation.

  • Support Rules of Engagement walkthroughs.

  • Lead close-out discussions and remediation reviews.

  • Translate technical findings into clear, business-focused risk statements.

  • Support retesting activities and remediation validation.

Reporting & Quality Ownership

  • Own penetration testing reports end-to-end, including:

    • Executive summaries

    • Risk prioritization

    • Actionable remediation guidance

  • Ensure deliverables meet internal quality standards and client expectations.

  • Review junior tester outputs and provide corrective guidance as needed.

Mentorship & Practice Development

  • Provide on-the-job coaching and guidance to junior penetration testers.

  • Contribute to internal methodologies, tooling enhancements, and reusable attack playbooks.

  • Support effort estimation and scoping inputs for future engagements.

Required Skills & Experience

Technical Expertise

  • Strong hands-on experience with:

    • Web application and API exploitation

    • Network and Active Directory security testing

    • Authentication and authorization vulnerabilities

    • Cloud misconfigurations and identity-related risks

  • Advanced proficiency with tools such as:

    • Burp Suite Pro

    • Metasploit

    • BloodHound

  • Scripting experience for automation or exploit development (Python preferred).

Experience

  • Minimum of 5 years of professional penetration testing experience.

  • Proven success delivering client-facing penetration testing engagements.

  • Experience working in enterprise or regulated environments preferred.

Certifications (Strongly Preferred)

  • OSCP

  • CREST CRT or CCT

  • Burp Suite Certified Practitioner

  • Cloud security certifications (AWS and/or Azure)

© 2026 Powered by TalentNest | Privacy Policy
Skip to the main content