
Mid-Level Penetration Tester - 0122 NJ #1

NavitasPartners
Location: New York, NY, USA
Published: 6/14/2022
Technology
Full Time

Job Description

Job Title: Mid-Level Penetration Tester

Location: Remote
Duration: 12 Months
Compensation: $45–$50/hour

Job Summary

The Mid-Level Penetration Tester independently delivers penetration testing engagements and serves as a technical anchor for junior team members. This role combines hands-on technical execution, client-facing communication, and risk-based judgment within enterprise and regulated environments.

The position is accountable for end-to-end penetration testing delivery and quality, from scoping through reporting and remediation validation.

Key Responsibilities

Independent Test Delivery

  • Lead and execute penetration testing engagements, including:

    • External and internal network penetration testing

    • Web application and API security testing

    • Active Directory and identity-focused attack paths

    • Cloud security testing (AWS, Azure, GCP)

  • Develop realistic attack paths that simulate real-world adversary behavior

  • Perform authorized exploitation, post-exploitation, and lateral movement activities where permitted

Client Interaction & Engagement Support

  • Participate in:

    • Pre-engagement scoping and assumptions validation

    • Rules of Engagement walkthroughs

    • Close-out meetings and remediation discussions

  • Translate technical vulnerabilities into clear, business-relevant risk statements

  • Support retesting and remediation validation efforts

Reporting Ownership & Quality Assurance

  • Own penetration testing reports end-to-end, including:

    • Executive summaries

    • Risk prioritization

    • Actionable and clear remediation guidance

  • Ensure deliverables meet internal QA standards and client expectations

  • Peer-review junior tester findings and provide corrective guidance

Mentorship & Practice Development

  • Provide hands-on coaching and technical guidance to junior penetration testers

  • Contribute to:

    • Internal penetration testing methodologies

    • Tooling and automation improvements

    • Reusable attack patterns and playbooks

  • Support estimation and effort-sizing for future engagements

Required Skills & Experience

Technical Expertise

Strong hands-on experience with:

  • Web application and API exploitation

  • Network and Active Directory security testing

  • Authentication and authorization weaknesses

  • Cloud misconfigurations and identity risks

Advanced proficiency with tools such as:

  • Burp Suite Pro

  • Metasploit

  • BloodHound

  • Scripting for automation or exploit development (Python preferred)

Professional Experience

  • Minimum 5 years of professional penetration testing experience

  • Proven experience delivering client-facing security engagements

  • Experience working in enterprise or regulated environments preferred

Preferred Certifications

  • CREST CRT or CCT

  • OSCP

  • Burp Suite Certified Practitioner

  • Cloud security certifications (AWS or Azure preferred)
