Summary: The Sr. Penetration Tester role requires a highly experienced professional with extensive knowledge in offensive security and penetration testing. The candidate should possess a technical degree and relevant certifications, along with significant experience in customer-facing consulting roles. This position is fully remote and operates within EST work hours, focusing on vulnerability assessment and remediation in various domains, particularly in banking and financial services. The role offers a 12-month contract with a strong possibility of extension or conversion to a full-time position.
Key Responsibilities:
- Conduct penetration testing on web applications, APIs, and infrastructure.
- Remediate OWASP Top 10 and SANS Top 25 security vulnerabilities.
- Integrate security tooling into CI/CD pipelines (SAST/DAST).
- Utilize security tools such as Burp Suite Professional, Nuclei, and Caido.
- Provide customer-facing consulting engineering services.
- Report and resolve vulnerabilities using AI models.
Key Skills:
- 4-year Technical Degree (Computer Science, Cybersecurity, Software Engineering, or Computer Engineering).
- Certifications: OSCP, GPEN, GWAPT, CEH, or equivalent.
- 12+ years of IT/Engineering experience.
- 8+ years of Offensive Security (Red Team/Attack Team) Penetration Testing experience.
- 5+ years of Customer-facing/Consulting Engineering experience.
- 3+ years of CI/CD pipeline security tooling experience.
- 1 year of AI experience using Claude Mythos AI model.
Salary (Rate): £56.00 hourly
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: Senior
Industry: IT
Job Title: Sr. Penetration Tester
Must Have Skills
4-year Technical Degree (Computer Science, Cybersecurity, Software Engineering, or Computer Engineering)
Certifications: OSCP, GPEN, GWAPT, CEH, or equivalent
12+ years of IT/Engineering experience (looking for a very Senior Consultant)
8+ years of Offensive Security (Red Team/Attack Team) Penetration Testing experience (3 years of Blue/Purple Team experience)
5+ years of Customer-facing/Consulting Engineering experience
5+ years of Penetration Testing experience on Web Applications, APIs, and Infrastructure
3+ years of remediating OWASP Top 10 and SANS Top 25 security vulnerabilities
3+ years of CI/CD pipeline security tooling experience (SAST/DAST integration)
3+ years of hands-on experience with security tools:
Burp Suite Professional
Nuclei
Caido
1 year of AI experience using Claude Mythos AI model for vulnerability reporting and resolution
Preferred Domain Experience
Banking / Financial Services
Regulatory
Role Eligibility
Location: 100% Remote (EST Work Hours)
Applicant Information Required
Resume/CV
Full Legal Name
Work Authorization
Expected Rate
Current Location (City & State)
LinkedIn Profile (Required)
Contact Phone Number
Email Address
Communication Skills: Must be 9/10
Interview Process
Step 1: 30-minute Hiring Manager Video Interview
Step 2: 1-hour Technical Video Interview
Available Payment Terms
W2
C2C
1099
Duration
12-month contract
High likelihood of extension or conversion to a full-time role