Contract Penetration Testers

Remote - United States

Full Time Contract
Defiant logo
Defiant
Apply now Apply later

Posted 3 weeks ago

Defiant is a cybersecurity company that delivers the best threat protection for over 3 million WordPress sites. We are a 100% remote team, fast moving, nimble, and self managed.

We are looking for contract penetration testers to join our team for a short-term project of approximately 6 weeks in duration at a minimum of 20-30 hours per week.

You will be working with our Director of Information Security along side a small team that will be testing our network infrastructure and web applications to find security vulnerabilities that an attacker could exploit.

If security is your passion and you love doing CTFs in your spare time, then you're exactly who we want to talk to.

Requirements

  • 5+ years of web application and network penetration testing experience.
  • At least 2 of the following OSCP, CEH, OSCE, GPEN, GWAPT, LPT and/or other equivalent certifications that are valid and not expired.
  • Experience with security and penetration testing tools, such as Metasploit, NMAP, Burpsuite or other various tools and vulnerability scanners.
  • Practical knowledge and experience with Linux operating systems, wordpress, wordpress plugins, API's, AWS architecture, RDS, Redis, Bash, Python, PHP, Laravel, Nginx and Apache.
  • Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement.
  • Familiar with the fundamentals of web applications including authentication, session management, requests, form submittal, etc.
  • Understanding and ability to exploit Cross Site Scripting, Authentication bypass/escalation, SQL injection, RCE and other common vulnerabilities.
  • Deep understanding of security fundamentals and common vulnerabilities (e.g. OWASP Top Ten).
  • Ability to create comprehensive details of findings and provide remedial recommendations after testing is complete to be compiled into the final report.
  • Thorough understanding of network protocols, data on the wire, and covert channels.
  • Excellent written and verbal communication skills.
  • Must be a creative and critical thinker. You have to think outside the box.
  • Highly motivated, deeply passionate and able to work with little oversight.
  • Ability to follow instructions and have attention to detail.
  • Previous Red or Purple team exercise experience desired.

Benefits

  • Work remotely from wherever you have a secure internet connection
  • Work whatever hours are best for you (20-30 per week); could be a side gig
Job tags: Architecture AWS BurpSuite CEH GPEN Linux Metasploit Nmap OSCE OSCP Penetration testing PHP Python TTPs Vulnerabilities
Share this job: