Contract Penetration Testers
Remote - United States
Defiant is a cybersecurity company that delivers the best threat protection for over 4 million WordPress sites. We are a 100% remote team, fast moving, nimble, and self managed.
We are looking for contract penetration testers to join our team for a short-term project of approximately 6 weeks in duration at a minimum of 20-30 hours per week.
You will be working with our Director of Information Security along side a small team that will be testing our network infrastructure and web applications to find security vulnerabilities that an attacker could exploit.
If security is your passion and you love doing CTFs in your spare time, then you're exactly who we want to talk to.
- 5+ years of web application and network penetration testing experience.
- At least 2 of the following OSCP, CEH, OSCE, GPEN, GWAPT, LPT and/or other equivalent certifications that are valid and not expired.
- Experience with security and penetration testing tools, such as Metasploit, NMAP, Burpsuite or other various tools and vulnerability scanners.
- Practical knowledge and experience with Linux operating systems, wordpress, wordpress plugins, API's, AWS architecture, RDS, Redis, Bash, Python, PHP, Laravel, Nginx and Apache.
- Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement.
- Familiar with the fundamentals of web applications including authentication, session management, requests, form submittal, etc.
- Understanding and ability to exploit Cross Site Scripting, Authentication bypass/escalation, SQL injection, RCE and other common vulnerabilities.
- Deep understanding of security fundamentals and common vulnerabilities (e.g. OWASP Top Ten).
- Ability to create comprehensive details of findings and provide remedial recommendations after testing is complete to be compiled into the final report.
- Thorough understanding of network protocols, data on the wire, and covert channels.
- Excellent written and verbal communication skills.
- Must be a creative and critical thinker. You have to think outside the box.
- Highly motivated, deeply passionate and able to work with little oversight.
- Ability to follow instructions and have attention to detail.
- Previous Red or Purple team exercise experience desired.
Diversity at Defiant
We value diversity and do not discriminate based on race, color, religion or creed, national origin or ancestry, sex, age, physical or mental disability, military or veteran status, gender identity or expression, marital status, sexual orientation, political ideology, economic status, parental status, or any other non-performance-related status.
More Information Security position highlights
- Explore open SOC Analyst Jobs
- Explore open Senior SOC Analyst Jobs
- Explore open Threat Intelligence Response Analyst Jobs
- Explore open Senior Penetration Tester Jobs
- Explore open Staff Security Engineer Jobs
- Explore open Information Security Officer Jobs
- Explore open Vulnerability Analyst Jobs
- Explore open Threat Intelligence Analyst Jobs
- Explore open Software Security Engineer Jobs
- Explore open Infrastructure Security Engineer Jobs
- Explore open Senior Information Security Engineer Jobs
- Explore open Chief Information Security Officer Jobs
- Explore open Cybersecurity Analyst Jobs
- Explore open IAM Engineer Jobs
- Explore open Sr. Software Engineer - Detection Engineering Jobs
- Explore open Computer Network Defense & Incident Response Analyst - Mid to Senior Level Jobs
- Explore open DevOps Security Engineer Jobs
- Explore open Computer Forensic Software Engineer Jobs
- Explore open Personnel Security Officer Jobs
- Explore open Senior Information Security Analyst Jobs
- Explore open Engineering Manager - Information Security, Bangalore Jobs
- Explore open Cybersecurity Engineer Jobs
- Explore open Staff Engineer, Cloud Security Jobs
- Explore open Cyber Threat Analyst Jobs
- Explore open Privacy Manager Jobs
- Explore open Clearance-related jobs
- Explore open Open Source-related jobs
- Explore open CEH-related jobs
- Explore open Forensics-related jobs
- Explore open PCI-related jobs
- Explore open IDS-related jobs
- Explore open Risk management-related jobs
- Explore open Audits-related jobs
- Explore open NIST-related jobs
- Explore open Ruby-related jobs
- Explore open Splunk-related jobs
- Explore open OSCP-related jobs
- Explore open Machine Learning-related jobs
- Explore open Google-related jobs
- Explore open IPS-related jobs
- Explore open AI-related jobs
- Explore open Encryption-related jobs
- Explore open Security assessments-related jobs
- Explore open Docker-related jobs
- Explore open PowerShell-related jobs
- Explore open DNS-related jobs
- Explore open TCP/IP-related jobs
- Explore open Unix-related jobs
- Explore open Threat detection-related jobs