Penetration Tester

About TestPros

TestPros, established in 1988, is a successful and growing business providing Information Technology (IT) technical support services to a diverse range of Commercial and U.S. Federal, State, and Local Government customers. Their expertise spans Program Management, Cyber Security, NIST SP 800-171 Assessment and Compliance, ATO Support, Computer Forensics, Software Assurance, Software Testing, Section 508 / WCAG / ADA Accessibility Assessment, and more. TestPros is dedicated to making lives better, safer, and more secure, delivering innovative independent IT assessment solutions to critical challenges within the continental USA.

TestPros is an Equal Opportunity Employer.

Position: Penetration Tester

This is a part-time position, available on an as-needed basis, either 1099 or Corp. to Corp.

Job Summary

TestPros is seeking an experienced Penetration Tester professional to contribute to IT Security consulting work across various Commercial and Federal consulting services projects. This role is crucial for the successful delivery of penetration testing in both classic hosted and cloud hosted environments. The selected candidate will collaborate with client product development teams to plan, execute, and report on penetration testing results. The ideal candidate will be delivery and efficiency-focused, capable of managing all aspects of a consulting project, including requirements analysis, bid and proposal development, resource planning, process improvement, and customer relationship management. This role thrives in a fast-paced environment that values personal responsibility and open, direct, respectful communications.

Key Responsibilities

• Conduct complete penetration tests, report on findings, and provide actionable improvement recommendations.
• Ensure high customer satisfaction through the delivery of quality consulting services for commercial and federal government projects.
• Elicit and understand customer requirements, converting them into technical service solutions.
• Accurately estimate time and cost for individual projects.
• Foster an environment of continuous learning, innovation, and excellence.
• Collaborate closely with development teams, product managers, and customer success teams to ensure successful project delivery.
• Develop, review, and approve formal statements of work, change requests, and proposals.
• Generate timely reports and documentation to monitor progress.
• Effectively collaborate with peers and leadership to achieve team, corporate, and client objectives.
• Provide expert answers to developer, designer, and content contributor questions regarding IT Security requirements.

Experience and Qualifications

• Minimum of 5 years of experience in penetration testing.
• Desired certifications include Security+, CEH, GPEN, OSCP, AWS, or equivalent.
• Strong understanding of OWASP Top 10 and industry best practices for penetration testing.
• Comprehensive understanding of all aspects of Penetration Testing, with an emphasis on white box testing, black box testing, internal/external networks, web applications, and application/code review.
• Familiarity with Pen Test methodologies such as OSSTMM, OWASP, PTES, FedRAMP Penetration Test Guide, and NIST.
• Proficient with command line interfaces of multiple operating systems (Windows, macOS, Linux, etc.).
• Solid understanding of manual scripting and scripting languages (e.g., Python, Bash, PowerShell, C/C++).
• Proficient with commercial and open-source penetration testing tools (e.g., Metasploit, Nikto, SQLMAP, Responder, Nessus, Netcat, Burp Suite).
• Proven ability to conduct and document vulnerability scans and penetration testing on web-based applications and their underlying hosts.
• Demonstrated ability to perform computer network vulnerability assessment and penetration testing.
• Understanding of risk planning and mitigation strategies.
• Ability to prepare and present professional documents and briefing materials.
• Advise on emerging threats to technologies and environments, providing mitigation steps.
• Provide security guidance on the design, deployment, and architecture of web-based and cloud hosted applications.
• Participate actively in technical discussions and collaborate with team members.
• Exceptional communication skills, both oral and written.
• Strong customer service skills.
• Strong organizational and time-management skills with the ability to manage multiple tasks while maintaining attention to detail.
• A strong work ethic and self-starter attitude, capable of thriving in a fast-paced environment.
• Bachelor’s degree in a related field or equivalent work experience and advanced certifications.

Benefits

TestPros offers a competitive salary, comprehensive medical/dental/vision insurance, life insurance, disability insurance, paid time off, paid holidays, a 401(k) retirement plan with company match, opportunities for professional growth, cell phone discounts, and more. Benefits are subject to TestPros current policies and are available to full-time employees.

Key skills/competency

• Penetration Testing
• Vulnerability Assessment
• Cloud Security
• Web Application Security
• OWASP Top 10
• Scripting (Python, Bash, PowerShell)
• Metasploit
• Burp Suite
• NIST
• Client Consulting