SIXGEN Logo

SIXGEN

Senior Web Application Penetration Tester

Reposted 3 Days Ago
Be an Early Applicant
In-Office or Remote
Hiring Remotely in Annapolis, MD
100K-135K Annually
Senior level
In-Office or Remote
Hiring Remotely in Annapolis, MD
100K-135K Annually
Senior level
The Senior Web Application Penetration Tester will conduct assessments, analyze security findings, collaborate with clients, and draft detailed reports on vulnerabilities and remediation steps.
The summary above was generated by AI

SIXGEN’s mission is to deliver agile, mission-ready cybersecurity solutions that empower government and critical infrastructure organizations to stay ahead of advanced cyber threats. We combine innovation, deep expertise, and cutting-edge capabilities to uncover vulnerabilities, protect vital systems, and ensure operational superiority in an ever-evolving digital landscape.

POSITION OVERVIEW

Position: Senior Web Application Penetration Tester
Job Type: Full-time
Location: Maryland, Northern Virginia, or Remote
Clearance Requirements: Must be able to obtain a Secret Clearance
Travel Requirements: Up to 10%
Experience: 5+ years

Salary:$125,000-$145,000

WHAT YOU'LL DO

We are seeking a skilled and motivated Senior Web Application Penetration Tester to join our growing cyber operations team. The ideal candidate will possess deep expertise in web application security testing, vulnerability research, and exploitation techniques, with the ability to identify complex attack paths and develop creative solutions to challenging security problems.

This role goes far beyond automated scanning. Successful candidates will conduct in-depth assessments of web applications, APIs, mobile applications, and supporting infrastructure while leveraging custom tooling, manual testing techniques, and advanced exploitation methodologies to uncover impactful security findings.

KEY RESPONSIBILITIESWeb Application Security Assessments
  • Conduct penetration testing of web applications, APIs, mobile applications, databases, and client-side technologies.
  • Perform application enumeration, endpoint discovery, vulnerability research, and exploitation activities.
  • Identify, validate, and assess vulnerabilities across complex environments.
  • Analyze attack paths and security weaknesses to determine business and operational impact.
Technical Analysis & Research
  • Develop and utilize custom tools, scripts, and payloads to support testing activities.
  • Perform network mapping, vulnerability analysis, and security assessments across applications and supporting infrastructure.
  • Research emerging vulnerabilities, attack techniques, and exploitation methodologies.
  • Support post-exploitation activities involving cloud and enterprise environments when applicable.
Client Engagement & Reporting
  • Collaborate with clients and internal teams to define scope, review findings, and recommend remediation strategies.
  • Communicate technical concepts and findings to both technical and non-technical stakeholders.
  • Produce comprehensive reports, including detailed findings, exploitation procedures, risk analysis, and mitigation recommendations.
  • Participate in client meetings and provide ongoing updates throughout assessment activities.
QUALIFICATIONS
  • 5+ years of experience in web application penetration testing or offensive cybersecurity.
  • Demonstrated experience conducting manual web application security assessments.
  • Knowledge of modern web application vulnerabilities, attack methodologies, and exploitation techniques.
  • Experience with network mapping, vulnerability scanning, and penetration testing methodologies.
  • Familiarity with NIST 800-series standards and cybersecurity best practices.
  • Experience developing scripts, payloads, or custom testing tools.
  • Strong analytical, problem-solving, and communication skills.
Preferred Certifications

One or more of the following certifications is strongly preferred:

  • CWES (preferred)
  • CWEE (preferred)
  • OSCP
  • OSWA
  • OSWE
  • CRTO
  • GWAPT
  • Other relevant hands-on offensive security certifications
PREFERRED QUALIFICATIONS
  • Experience with cloud environments and post-exploitation activities.
  • Experience with Active Directory security assessments.
  • Familiarity with FISMA compliance requirements.
  • Experience supporting government or regulated industry clients.
  • Proficiency with common offensive security tools and frameworks.
COMPENSATION & BENEFITS

At SIXGEN, we are committed to fair and equitable compensation practices. Compensation for this role will be based on experience, qualifications, technical expertise, and overall alignment with the position.

Additionally, SIXGEN offers top-tier benefits for full-time employees, including:

  • Employer-paid health insurance premiums (medical, dental, vision) for you and your family 
  • Employer-paid short/long term disability insurance and basic life/AD&D insurance
  • 401K with a 4% employer contribution
  • Professional development reimbursement options available (training, certification, education, etc)​
  • Flexible and remote work policies for most positions
  • Flexible PTO and holiday schedule

For more information, please reach out to our Director of Human Resources, Amy Maxwell at [email protected].

OUR COMMITMENT

SIXGEN is an Equal Opportunity Employer. We ensure that all applicants are considered for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.

We are committed to fostering an inclusive culture that values diversity in our people, reflecting the communities we serve and our customer base. We strive to attract and retain a diverse talent pool and create an environment where everyone is empowered to be their authentic selves at work.


Similar Jobs

14 Minutes Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
134K-203K Annually
Senior level
134K-203K Annually
Senior level
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
Lead design and operation of large-scale data pipelines and data APIs. Build Spark/PySpark workflows on Databricks, optimize job performance, manage data quality and observability, and develop MCP servers and AI-agent integrations. Mentor engineers, define standards, support production incidents and on-call rotations, and collaborate with stakeholders to deliver scalable data platform products.
Top Skills: Apache IcebergApi GatewayAWSAws LambdaAws Rds/AuroraAzureDatabricksDatadogDbtFastapiFivetranGCPGoogle BigqueryLlms/Ai AgentsMcp ServersMs Sql ServerMySQLOraclePostgresPysparkPythonS3SecretsmanagerSnowflakeSnsSparkSplunkSQLSqs
17 Minutes Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
200K-250K Annually
Senior level
200K-250K Annually
Senior level
Marketing Tech • Real Estate • Software • PropTech • SEO
Lead architecture and delivery of AI-native features for a multi-tenant SaaS platform. Drive cross-functional technical initiatives, design scalable microservice systems, integrate LLMs and agent frameworks, set engineering standards, and mentor engineers to elevate technical execution.
Top Skills: AnthropicApolloAWSClaude CodeDynamoDBElasticsearchGraphQLKafkaKubernetesLambdaNode.jsPostgresReactRedisSqsTailwindTemporalTypescript
22 Minutes Ago
Easy Apply
Remote
USA
Easy Apply
195K-229K Annually
Senior level
195K-229K Annually
Senior level
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
Own and grow Coinbase's most strategic institutional prime finance relationships, driving multi-product expansion and onboarding. Serve as senior escalation point, coordinate across legal, credit, operations, and product, originate business with Sales and Trading, and build scalable coverage models, playbooks, and mentor junior team members.
Top Skills: GeminiGleanLibrechat

What you need to know about the Seattle Tech Scene

Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.

Key Facts About Seattle Tech

  • Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Amazon, Microsoft, Meta, Google
  • Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Madrona, Fuse, Tola, Maveron
  • Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account