The Senior Web Application Penetration Tester role at SixGen, Inc. is a full-time position that can be conducted remotely from anywhere in the world. While the company's primary operation is remote, candidates in closer proximity to Maryland or Virginia are encouraged to apply, although it is not a requirement for the job. An essential aspect of this position is the ability to obtain a Secret Clearance, which may necessitate compliance with specific prerequisites. Candidates should also expect potential travel commitments of up to 10%.
Founded with the mission to provide agile, mission-ready cybersecurity solutions, SixGen serves both government and critical infrastructure sectors, aiming to counteract sophisticated cyber threats. The company prides itself on its innovative techniques, expert staff, and evolving capabilities to not only identify vulnerabilities but also to protect vital systems against adversaries in an increasingly digital landscape.
In this role, the primary tasks will include:
Conducting comprehensive, black-box penetration testing of web applications to discover and report critical vulnerabilities. These vulnerabilities may include SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML External Entity (XXE) attacks, deserialization attacks, and Remote Code Execution (RCE).
Analyzing application architecture and related source code to uncover vulnerabilities that are deeper than surface-level issues.
Documenting and communicating findings with clear risk assessments and actionable remediation recommendations that facilitate client understanding and engagement.
Keeping abreast of ever-evolving web technologies, threat trends, and security tools to ensure the adoption of cutting-edge testing practices.
The qualifications necessary for applicants interested in the Senior Web Application Penetration Tester position include:
US Citizenship, with an ability to secure a Secret clearance.
A minimum of 5 years of hands-on experience in web application penetration testing, with a strong preference for relevant certifications such as OSCP or equivalent credentials (e.g., Certified Bug Bounty Hunter, Certified Web Endpoint Engineer, Offensive Security Web Expert).
Proven ability to conduct full-scope penetration tests using tools like Burp Suite, Kali Linux, Metasploit, Nuclei, Nessus, and Nmap.
Proficient in gathering and developing actionable intelligence using open-source intelligence (OSINT) strategies.
Familiarity with programming in languages like Python and Bash, and experience with infrastructure as code through tools like Terraform or Ansible.
Experience in testing web-based APIs (REST, SOAP, XML, JSON) and a solid understanding of manual testing techniques along with automated tools such as Burp Suite and OWASP ZAP for application security.
Knowledge of compliance frameworks including FISMA and NIST 800-series frameworks, as well as experience in practical formal testing methodologies in various environments.
Strong communication capabilities are essential to effectively interact with clients and convey findings.
Suitable candidates will also need to demonstrate experience working independently with minimal supervision while collaborating effectively as part of a team.
While not mandatory, having experience with awarded CVEs, cloud services, and Active Directory penetration testing may give candidates an edge.
This role offers a competitive salary range between $100,000 and $145,000 USD, tailored to reflect compensation factors including work experience, educational background, critical skills, and business needs. The actual salary offer will come after an exhaustive review of the candidate's qualifications directly in line with the job role’s expectations.
In addition to the salary, SixGen provides a suite of top-tier benefits for full-time employees, such as:
Employer-paid health insurance premiums covering medical, dental, and vision for both employees and their families.
Short and long-term disability insurance alongside basic life/AD&D insurance at no charge to employees.
A robust 401K plan featuring a 4% employer contribution to help employees plan for their future.
Professional development reimbursement options that can cover training, certification, and education, fostering growth and skill advancement in the field.
Flexible working arrangements, including remote work policies that cater to employee needs.
A flexible PTO and holiday schedule for better work-life balance, which is especially appealing in today’s fast-paced employment landscape.
SixGen's commitment to diversity and inclusion is notable, as they actively promote practices that ensure all applicants are evaluated without discrimination relative to race, color, religion, sexual orientation, gender identity, nationality, disability, age, marital status, ancestry, or veteran status. Their goal of fostering an inclusive culture is evident, aiming to reflect the communities they serve while empowering employees to be their authentic selves at work.
This job offer was originally published on weworkremotely.com
October 31, 2025
This job offer summary has been generated using automated technology. While we strive for accuracy, it may not always fully capture the nuances and details of the original job posting. We recommend reviewing the complete job listing before making any decisions or applications.