Job Closed
This listing is no longer active.
CyberSecurity as a Solution: Enabling Secure Business.
Penetration Tester
Location
United States
Posted
68 days ago
Salary
0
Seniority
Senior
Job Description
Penetration Tester
Dragonfli Group
• Engagement Scoping & Planning: Partner with stakeholders to define objectives, rules of engagement, and success criteria to ensure safe execution. • Reconnaissance & Enumeration: Perform passive and active discovery of attack surfaces, services, and APIs to map trust boundaries. • Manual Application Testing: Conduct deep testing of web and mobile apps aligned with OWASP Top 10 and common design flaws. • Vulnerability Validation: Safely verify findings such as XSS, SQLi, CSRF, SSRF, and broken access control to demonstrate real-world impact. • Network & Infrastructure Testing: Identify weaknesses in exposed services, insecure protocols, and misconfigurations across hybrid environments. • Post-Exploitation Analysis: Assess blast radius, lateral movement paths, and persistence risks while minimizing operational impact. • Reporting & Remediation: Deliver clear technical reports with reproduction steps and prioritized fixes for both engineers and leadership.
Job Requirements
- Strong understanding of web application security and modern attack techniques.
- Demonstrated ability to distinguish false positives from exploitable issues.
- Proven experience documenting evidence and providing pragmatic remediation guidance.
- Ability to operate within strict rules of engagement and ethical safety constraints.
- U.S. Citizenship or Permanent Residency (Green Card).
- Previous experience supporting federal contracting environments.
- Experience with mobile (Android/iOS) or cloud penetration testing (AWS/Azure/GCP).
- Experience with CI/CD and supply chain security testing.
- Familiarity with modern app architectures like microservices and containers.
- Offensive Tools: Burp Suite, Nmap, Metasploit.
- Scripting/Automation: Python, PowerShell, or Bash for lightweight proof-of-concepts.
- Security Frameworks: OWASP Top 10, OWASP ASVS.
- Authentication Patterns: OAuth 2.0, OpenID Connect, SAML.
- API Paradigms: REST, GraphQL.
- Relevant Certifications: OSCP, GWAPT, GPEN, PNPT (or equivalent).
Benefits
- Insurance - health, dental, and vision
- Paid Time Off (PTO) and 11 Federal Holidays
- 401(k) employer match
Related Guides
Related Categories
Related Job Pages
More QA Engineer Jobs
• O(a) Engenheiro(a) de Testes é responsável por garantir a confiabilidade e qualidade de produtos digitais, por meio do desenvolvimento de scripts de testes automatizados, validação de user stories e suporte às equipes ágeis de entrega. • Esta função tem foco em automação de testes de UI e APIs, atuando em colaboração próxima com equipes multidisciplinares para evoluir frameworks de testes e contribuir para processos de integração contínua (CI/CD). • Projetar, desenvolver, manter e executar scripts de testes automatizados para UI e APIs utilizando Selenium, Java ou outras linguagens de programação. • Desenvolver e executar automações em ambientes de CI/CD, como Azure DevOps ou Jenkins. • Participar de cerimônias ágeis e colaborar com times Scrum para compreender user stories, critérios de aceitação e requisitos de testes. • Estimar esforço de automação para user stories e garantir cobertura de testes dentro de sprints iterativos. • Identificar, documentar e comunicar defeitos, assegurando validação adequada e cobertura de regressão. • Utilizar Git ou ferramentas similares de controle de versão. • Utilizar Postman ou ferramentas equivalentes para validação e troubleshooting de APIs. • Apoiar a evolução contínua de frameworks de automação e boas práticas de testes.
• The Test Engineer is responsible for ensuring the reliability and quality of digital products by developing automated test scripts, validating user stories, and supporting agile delivery teams. • This role focuses on UI and API test automation, working closely with multidisciplinary teams to evolve test frameworks and contribute to continuous integration/continuous delivery (CI/CD) processes. • Design, develop, maintain, and execute automated test scripts for UI and APIs using Selenium, Java, or other programming languages. • Develop and run automation in CI/CD environments such as Azure DevOps or Jenkins. • Participate in agile ceremonies and collaborate with Scrum teams to understand user stories, acceptance criteria, and testing requirements. • Estimate automation effort for user stories and ensure test coverage within iterative sprints. • Identify, document, and communicate defects, ensuring proper validation and regression coverage. • Use Git or similar version control tools. • Use Postman or equivalent tools for API validation and troubleshooting. • Support the continuous improvement of automation frameworks and testing best practices.
Senior QA Engineer
airSlateEmpowering anyone to create, innovate, automate, and digitally transform their workflows.
• Design and implement automated test cases to improve test coverage and efficiency. • Analyze test results, identify defects, and manage the bug lifecycle. • Perform manual testing of new features and create high-quality test cases for automation. • Support release processes and ensure product stability in production. • Take ownership of QA activities for specific features or solutions. • Analyze product requirements and translate them into effective test strategies and scenarios. • Collaborate closely with the development team on new and existing functionality.
• Strengthen our team through test automation • Work remotely with flexible arrangements • Participate in innovative, international technology projects
