[Remote] Senior Security Consultant (Web Application Penetration Tester)
Note: The job is a remote job and is open to candidates in USA. NetSPI is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with a focus on innovative security solutions. As a Senior Security Consultant, you will conduct security assessments, identify vulnerabilities, and deliver actionable reports to enhance clients' security posture, primarily focusing on web applications.ResponsibilitiesConduct engagements on web applications and underlying APIs independently and provide technical oversightReview reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to othersCreate, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security postureResearch and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processesParticipate in development, implementation, and oversight of testing, delivery, and management strategies for key client accountsPerform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operationsSkillsBachelor's degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experienceMinimum of 3-5 years of work experience in Penetration TestingFamiliarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus)Familiarity with offensive and defensive IT concepts and protocolsExtensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworksWorking knowledge of Windows, Linux and MacOS operating systems internalsExperience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferencesAbility to work independently and as part of a teamProficient communication skills, both written and verbalWillingness to travel up to 5-10%This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needsAbility to provide technical and QA oversight on web applications and underlying APIsExperience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#)Offensive cybersecurity certifications (e.g., GXPN, GPEN, OSCP, GWAPT)Company OverviewNetSPI is a cybersecurity company that offers enterprise security testing and attack surface management services. It was founded in 2001, and is headquartered in Minneapolis, Minnesota, USA, with a workforce of 501-1000 employees. Its website is https://www.netspi.com.Company H1B SponsorshipNetSPI has a track record of offering H1B sponsorships, with 1 in 2025, 3 in 2024, 1 in 2023, 2 in 2022, 5 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role.