Penetration Tester

🕒 April 30

🇺🇸 United States – Remote

⏰ Full Time

🟡 Mid-level

🟠 Senior

🔧 QA Engineer (Quality Assurance)

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Bishop Fox

WebsiteLinkedInAll Job Openings

201 - 500 employees

Founded 2007

🔒 Cybersecurity

💰 $46M Series B on 2022-11

Cybersecurity

Bishop Fox is a leader in offensive security, offering a range of continuous security solutions to protect dynamic attack surfaces. Their services include attack surface management, application penetration testing, cloud security assessments, network security, and more. They focus on proactive defense strategies, subjecting clients' networks to real-world attack scenarios to bolster security resilience. Bishop Fox collaborates with major partners like Google, Facebook, and Amazon, ensuring robust security solutions for complex ecosystems. Their commitment to advancing security is rooted in innovative research and collaboration with the broader cybersecurity community.

📋 Description

• You’re a penetration tester who knows their way around source code. • You’ve plundered apps and pillaged networks (legally, of course). • You have a passion for hacking and information security. • You’ll be working alongside our US and internationally-based teams supporting clients across multiple industries. • With Bishop Fox, your responsibilities would include testing web applications, hacking networks, and reversing software. • As a consultant, you’ll work on a variety of projects which include short-term engagements and extended program work with well-established clients. • You'll solve challenging technical problems and build creative solutions. • As a trusted advisor, you’ll provide your expert opinion to help our clients navigate difficult business decisions.

🎯 Requirements

• 4+ years experience in planning, conducting, and managing web application penetration tests • 5+ years of application security experience • Deep understanding of security fundamentals (OWASP), common vulnerabilities, and application security best practices • Skilled in vulnerability assessment and the development of exploits for diverse targets • Background in system and network security, authentication and security protocols, and applied cryptography is helpful • Experience with programming and scripting languages such as Python, Ruby, PowerShell, Java, JavaScript, etc. • Bonus if you have experience reviewing Golang source code for vulnerabilities • Proficiency with operating systems- Linux, Windows, MacOS • Experience with network and system exploitation including modern tactics, techniques, and procedures (e.g. c2 frameworks, EDR bypass, privilege escalation, password cracking, lateral movement, etc.) • Strong technical reporting and documentation skills • Advanced relevant academic training, such as a degree in Computer Science or an OSCP, is a definite bonus • Experience with AWS cloud environments preferred with an understanding of its major technologies, such as IAM, EC2, VPC, EBS, S3, CloudWatch, and Lambdas, and how to keep them secure • Secondary expertise in one or more of the following areas preferred: Cloud Security Assessments, Mobile Application Security Testing, Hybrid Application Assessments, or AI/LLM Security Assessments. Ability to communicate technical findings clearly to both technical and executive stakeholders, including actionable remediation guidance.

🏖️ Benefits

• Our comprehensive benefits program is tailored to meet your needs at an affordable price. • We embrace diversity and an inclusive culture. • We value our employees and who they are, which fosters a powerful and collective talent base.