$ cat job-description.txt
Position: Penetration Tester
Location: Remote
Duration: Contract
Job ID: 177926
Job Overview:
We are seeking a skilled Software Test & Evaluation Technician III to join our team. In this role, you will be responsible for validating, prioritizing, and driving the closure of security vulnerabilities across the enterprise. You will assess findings for exploitability and business risk, retest applications and infrastructure after remediation, and collaborate with engineering teams to ensure effective and timely resolution of issues. This is a hands-on technical role requiring offensive security skills and the ability to communicate effectively with developers, architects, and leadership.
Responsibilities:
- Review and validate incoming vulnerability reports; assess severity, exploitability, and business impact.
- Perform targeted retesting of remediated vulnerabilities to confirm fixes are effective and complete.
- Monitor remediation timelines against SLAs and coordinate with development and infrastructure teams to ensure timely closure.
- Maintain accurate records in the vulnerability management platform and produce weekly status reports on findings.
- Collaborate with application security, DevOps, and engineering teams to provide remediation guidance and technical context.
- Identify patterns in recurring vulnerabilities and recommend process or tooling improvements to reduce triage backlog.
Qualifications:
- 3+ years of hands-on penetration testing experience (web applications, APIs, infrastructure).
- Experience triaging vulnerabilities at scale, including CVSS scoring, CWE/OWASP classification, and risk-based prioritization.
- Strong understanding of common vulnerability classes (OWASP Top 10, SANS Top 25) and remediation strategies.
- Proficiency with vulnerability management platforms (e.g., Jira, ServiceNow, DefectDojo, or similar).
- Ability to write clear, reproducible proof-of-concept exploits and remediation validation reports.
- Familiarity with SDLC integration and working directly with development teams on fix guidance.
- Strong written and verbal communication skills, with the ability to translate technical findings for varied audiences.
Preferred Qualifications:
- Relevant certifications: OSCP, GPEN, GWAPT, CEH, or equivalent.
- Experience with bug bounty or crowdsourced vulnerability programs.
- Familiarity with financial services regulatory requirements (PCI-DSS, FFIEC, SOX).
- Scripting/automation skills (Python, Bash, Burp extensions) for retesting workflows.
- Experience with CI/CD pipeline security tooling (SAST/DAST integration).
- Familiarity with tools such as Burp Suite Professional, Nuclei, and Caido.
- Knowledge of cloud platforms (AWS, Azure, Google Cloud Platform) security configurations and container/Kubernetes security fundamentals.
About PTR Global:
PTR Global is a leading provider of information technology and workforce solutions. PTR Global has become one of the largest providers in its industry, with over 5000 professionals providing services across the U.S. and Canada. For more information visit
At PTR Global, we understand the importance of your privacy and security. We NEVER ASK job applicants to:
- Pay any fee to be considered for, submitted to, or selected for any opportunity.
- Purchase any product, service, or gift cards from us or for us as part of an application, interview, or selection process.
- Provide sensitive financial information such as credit card numbers or banking information. Successfully placed or hired candidates would only be asked for banking details after accepting an offer from us during our official onboarding processes as part of payroll setup.
Pay Range: $50 - $55
The specific compensation for this position will be determined by several factors, including the scope, complexity, and location of the role, as well as the cost of labor in the market; the skills, education, training, credentials, and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits, including medical, dental, vision, and 401K contributions, as well as PTO, sick leave, and other benefits mandated by applicable state or localities where you reside or work.
If you receive a suspicious message, email, or phone call claiming to be from PTR Global, do not respond or click on any links. Instead, contact us directly at +1 . To report any concerns, please email us at
first seen 2026-07-01 08:40:01 · last verified 2026-07-01 08:40:01
pentestcareers.com // breach the job market