Penetration Tester

About TestPros

TestPros, established in 1988, is a successful and growing business dedicated to providing Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. We deliver innovative independent IT assessment solutions to critical challenges, supporting clients within the continental USA and striving to make lives better, safer, and more secure. Our capabilities span Program Management, Cyber Security, Software Assurance, Software Testing, and various compliance and R&D services.

TestPros is an Equal Opportunity Employer committed to diversity and inclusion.

Position Overview: Penetration Tester

TestPros is seeking an experienced Penetration Tester professional to join our IT Security consulting team. This is a part-time (as needed, 1099 or Corp. to Corp) remote role, crucial for supporting various Commercial and Federal consulting services projects.

As a Penetration Tester, you will be responsible for the successful delivery of penetration testing in both classic hosted and cloud hosted environments. You will work closely with client product development teams to plan, execute, and report on penetration testing results. This role requires a delivery and efficiency-focused individual capable of managing all aspects of a consulting project, including requirements analysis, bid and proposal development, resource planning, process improvement, and customer relationship management. The ideal candidate thrives in a fast-paced environment that values personal responsibility and open, direct, respectful communications.

Key Responsibilities

• Conduct comprehensive penetration tests, accurately report on findings, and provide actionable improvement recommendations.
• Ensure high customer satisfaction by delivering top-quality consulting services across diverse commercial and federal government projects.
• Translate customer requirements into viable technical services solutions.
• Accurately estimate project time and cost.
• Contribute to an environment of continuous learning, innovation, and excellence.
• Collaborate effectively with development teams, product managers, and customer success teams to facilitate successful project delivery and remove roadblocks.
• Develop, review, and approve formal statements of work, change requests, and proposals.
• Generate timely reports and documentation to monitor progress.
• Collaborate with peers and company leadership to achieve team, corporate, and client objectives.
• Provide expert guidance on IT Security requirements to developers, designers, and content contributors.

Experience and Qualifications

• Minimum of 5 years of dedicated experience in penetration testing.
• Desired certifications include Security+, CEH, GPEN, OSCP, AWS, or equivalent.
• Profound understanding of OWASP Top 10 vulnerabilities and industry best practices for penetration testing.
• Comprehensive understanding of all aspects of Penetration Testing, with a strong emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review.
• Familiarity with various Pen Test methodologies such as OSSTMM, OWASP, PTES, FedRAMP Penetration Test Guide, and NIST.
• Proficiency with command line interfaces across multiple operating systems (Windows, macOS, Linux).
• Solid understanding and ability in manual scripting and scripting languages (e.g., Python, Bash, PowerShell, C/C++).
• Proficient in using commercial and open-source penetration testing tools (e.g., Metasploit, Nikto, SQLMAP, Responder, Nessus, Netcat, Burp Suite).
• Proven ability to conduct and document vulnerability scans and penetration testing on web-based applications and their underlying hosts.
• Strong understanding of risk planning and mitigation strategies.
• Ability to prepare and present professional documents and briefing materials.
• Advise on emerging threats to technologies and environments, providing effective mitigation steps.
• Offer security guidance on the design, deployment, and architecture of web-based and cloud-hosted applications.
• Actively participate in technical discussions and collaborate effectively with team members.
• Exceptional communication skills, both oral and written.
• Strong customer service orientation.
• Excellent organizational and time-management skills, capable of handling multiple tasks while maintaining attention to detail.
• A strong work ethic, self-starter attitude, and ability to thrive in a fast-paced environment.
• Bachelor’s degree in a related field or equivalent work experience and advanced qualifications.

Benefits

While this is a part-time, as-needed role, TestPros offers a competitive compensation structure. For full-time employees, benefits include medical/dental/vision insurance, life insurance, disability insurance, paid time off, paid holidays, 401(k) retirement plan with company match, and opportunities for professional growth.

Key skills/competency

• Penetration Testing
• Vulnerability Assessment
• OWASP Top 10
• Cyber Security
• Cloud Security
• Web Application Security
• Scripting (Python, Bash)
• Metasploit
• Burp Suite
• NIST Compliance