Mid-Level Penetration Tester - 0122 SS #9

Job Title: Mid-Level Penetration Tester Work Type: Remote Contract Duration: 6–12 Months Job Summary We are seeking a Mid-Level Penetration Tester who can independently deliver penetration testing engagements while serving as a technical anchor for junior team members. This role combines hands-on technical execution, client-facing communication, and risk-based judgment within enterprise and regulated environments. The position is responsible for ensuring high-quality, end-to-end delivery of penetration testing engagements. Key Responsibilities Independent Test Delivery • Lead and execute penetration testing engagements, including: • External and internal network testing • Web application and API security testing • Active Directory and identity-based attack paths • Cloud security testing across AWS, Azure, and GCP • Develop attack paths that simulate real-world adversary behavior. • Perform authorized exploitation, post-exploitation, and lateral movement where permitted. Client Interaction & Engagement Support • Participate in pre-engagement scoping and assumptions validation. • Support Rules of Engagement walkthroughs. • Lead close-out discussions and remediation reviews. • Translate technical findings into clear, business-focused risk statements. • Support retesting activities and remediation validation. Reporting & Quality Ownership • Own penetration testing reports end-to-end, including: • Executive summaries • Risk prioritization • Actionable remediation guidance • Ensure deliverables meet internal quality standards and client expectations. • Review junior tester outputs and provide corrective guidance as needed. Mentorship & Practice Development • Provide on-the-job coaching and guidance to junior penetration testers. • Contribute to internal methodologies, tooling enhancements, and reusable attack playbooks. • Support effort estimation and scoping inputs for future engagements. Required Skills & Experience Technical Expertise • Strong hands-on experience with: • Web application and API exploitation • Network and Active Directory security testing • Authentication and authorization vulnerabilities • Cloud misconfigurations and identity-related risks • Advanced proficiency with tools such as: • Burp Suite Pro • Metasploit • BloodHound • Scripting experience for automation or exploit development (Python preferred). Experience • Minimum of 5 years of professional penetration testing experience. • Proven success delivering client-facing penetration testing engagements. • Experience working in enterprise or regulated environments preferred. Certifications (Strongly Preferred) • OSCP • CREST CRT or CCT • Burp Suite Certified Practitioner • Cloud security certifications (AWS and/or Azure) Apply tot his job