Senior Penetration Tester

🔥 3 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

BreachLock Inc

WebsiteLinkedInAll Job Openings

51 - 200 employees

Founded 2019

🔒 Cybersecurity

☁️ SaaS

Cybersecurity • SaaS • AI

BreachLock Inc. is a cybersecurity company specializing in Penetration Testing as a Service (PTaaS) and Attack Surface Management (ASM). They offer comprehensive and continuous security testing solutions, including penetration testing, red teaming, and application security testing. BreachLock Inc. is recognized for their advanced PTaaS platform that utilizes AI and NLP-based models to ensure precision and quality in identifying vulnerabilities. Their services are trusted by enterprises worldwide for discovering, prioritizing, and mitigating security exposures across internal and external attack surfaces. With numerous certifications and recognitions, BreachLock focuses on providing high ROI security services for a wide range of industries, ensuring robust defense mechanisms against potential cyber threats.

📋 Description

• Execute web application, API and mobile penetration tests with a focus on manual testing beyond automated scanning — business logic, authentication abuse, authorization flaws, and injection chains • Conduct internal network assessments, external network assessments and assumed breach engagements, including Active Directory enumeration, lateral movement, privilege escalation, and post-exploitation • Leverage frameworks including MITRE ATT&CK, PTES, and OWASP to structure assessments and findings • Develop and contribute to internal tooling — automation scripts, reporting utilities, and workflow improvements using Python, Bash, or similar • Participate in QA review cycles, providing structured feedback on findings, CVSS scoring accuracy, and report quality • Mentor junior testers through technical guidance and finding review • Collaborate with delivery leadership on scoping, client kickoff calls, and remediation guidance

🎯 Requirements

• 3–5 years of professional penetration testing experience in a delivery or consulting context • Strong web application and API testing fundamentals — Burp Suite proficiency, OWASP Top 10 and beyond, authentication and session management testing • Solid internal network assessment skills — AD enumeration, Kerberoasting, NTLM relay, ADCS misconfigurations, assumed breach methodology • Proficiency in scripting and automation (Python, PowerShell, Bash) • Strong written communication — capable of writing clear, accurate, well-scoped findings independently • Familiarity with PTaaS delivery models or platform-based reporting workflows is a plus • US-based and eligible to work without sponsorship

🏖️ Benefits

• Competitive compensation and performance-based equity opportunities • Flexible work hours with hybrid remote options • Opportunity to work with international cybersecurity experts • Strong career progression in a rapidly expanding early-stage company • Exposure to cutting-edge research, tools, and techniques in offensive security