Lead Penetration Tester

Lead Penetration Tester What if your ability to think like an attacker could directly make organizations more secure? We're looking for a Lead Penetration Tester to conduct sophisticated offensive security engagements — probing applications, networks, and cloud environments for vulnerabilities before the real adversaries do.This is a fully remote contract role built for experienced offensive security professionals who thrive on technical challenge, think creatively under pressure, and communicate findings with clarity and precision.What You'll Do Plan and execute penetration tests across web applications, internal and external networks, and cloud infrastructureIdentify, validate, and exploit vulnerabilities to demonstrate real-world impactConduct post-exploitation analysis to assess the full scope and blast radius of discovered weaknessesDeliver clear, structured technical reports with actionable severity assessments and remediation guidanceChallenge and validate defensive assumptions — test detection logic, not just defensesSupport recurring red-team and purple-team engagements alongside security operations teamsWho You Are Must-Have:Proven background in offensive security, penetration testing, or red teamingHands-on experience with common exploitation frameworks, tools, and methodologies (Metasploit, Burp Suite, Cobalt Strike, or similar)Strong ability to think like an adversary and replicate real-world attack chainsSkilled at writing structured, professional technical reports that non-technical stakeholders can act onSelf-directed and reliable — you can manage engagements independently without hand-holdingNice to Have:Offensive security certifications (OSCP, OSWE, OSEP, CRTO, or similar)Experience with cloud-specific attack paths (AWS, Azure, GCP)Background in red team operations, adversary simulation, or threat emulationFamiliarity with purple team collaboration and detection engineering workflowsWhy Join Us Fully remote — work from wherever you do your best workFreelance autonomy with consistent, substantive engagementsWork on technically challenging targets across diverse environmentsContribute findings that directly improve real-world security posturePotential for ongoing contract work and expanded engagements over time