remote.careers

Remote Programming Jobs

Contract Penetration Testers

Defiant Inc

  • wordpress
  • php
  • security

Quick Facts

Company
Defiant Inc
Location
US
Experience
Senior
Employment
Contract
Type
Remote

Job benefits

  • Full time telecommuting and flexible working hours.
  • Premier- level medical, dental, and vision insurance.
  • 21 days PTO per year.
  • 401(k) with a 4% Safe Harbor company match that is 100% vested.
  • Latest in laptop and workstation technology.
  • Fitness stipend for a local gym membership or home fitness equipment.
  • Paid training and study time for work-related training and certificati
  • College tuition reimbursement.

Job description

Defiant is a cybersecurity company that delivers the best threat protection for WordPress sites. We are a 100% remote team, fast moving, nimble, and self managed.


We are looking for contract penetration testers to join our team for a short-term project of approximately 6 weeks in duration at 20-30 hours per week. You will be working with our Director of Information Security and a small team that will be testing our network infrastructure and web applications to find security vulnerabilities that an attacker could exploit. If security is your passion and you love doing CTFs in your spare time, then you're exactly who we are looking for to join our team.



  • 5+ years of web application and network penetration testing experience.

  • At least 2 of the following OSCP, CEH, OSCE, GPEN, GWAPT, LPT and/or other equivalent certifications that are valid and not expired.

  • Experience with tools, such as Metasploit, NMAP, Burpsuite, and other various tools and vulnerability scanners.

  • Practical knowledge and experience with Linux operating systems, wordpress, wordpress plugins, API's, AWS architecture, RDS, Redis, Bash, Python, PHP, Laravel, nginx and apache.

  • Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement.

  • Familiar with the fundamentals of web applications including authentication, session management, requests, form submittal, etc.

  • Understanding and ability to exploit Cross Site Scripting, SQL injection, RCE and other common vulnerabilities.

  • Deep understanding of security fundamentals and common vulnerabilities (e.g. OWASP Top Ten).

  • Ability to create comprehensive report of findings and provide remedial recommendations after testing is complete.

  • Thorough understanding of network protocols, data on the wire, and covert channels.

  • Excellent communication skills.

  • Must be a creative and critical thinker.

  • Highly motivated, deeply passionate and able to work with little oversight or direction.

  • Previous Red or Purple team exercise experience desired.


Benefits



  • Work remotely from wherever you have a secure internet connection

  • Work whatever hours are best for you (20-30 per week); could be a side gig

Apply now