Senior Web Application Penetration Tester

Sixgeninc · Annapolis, MD
$125K–$145K/yr · Full-time · On-site · 2w ago
Agile · Application Security · Compliance · Penetration Testing

Responsibilities

  • Web Application Security Assessments
      • Conduct penetration testing of web applications, APIs, mobile applications, databases, and client-side technologies.
      • Perform application enumeration, endpoint discovery, vulnerability research, and exploitation activities.
      • Identify, validate, and assess vulnerabilities across complex environments.
      • Analyze attack paths and security weaknesses to determine business and operational impact.
  • Technical Analysis & Research
      • Develop and utilize custom tools, scripts, and payloads to support testing activities.
      • Perform network mapping, vulnerability analysis, and security assessments across applications and supporting infrastructure.
      • Research emerging vulnerabilities, attack techniques, and exploitation methodologies.
      • Support post-exploitation activities involving cloud and enterprise environments when applicable.
  • Client Engagement & Reporting
      • Collaborate with clients and internal teams to define scope, review findings, and recommend remediation strategies.
      • Communicate technical concepts and findings to both technical and non-technical stakeholders.
      • Produce comprehensive reports, including detailed findings, exploitation procedures, risk analysis, and mitigation recommendations.
      • Participate in client meetings and provide ongoing updates throughout assessment activities.

Requirements

  • 5+ years of experience in web application penetration testing or offensive cybersecurity.
  • Demonstrated experience conducting manual web application security assessments.
  • Knowledge of modern web application vulnerabilities, attack methodologies, and exploitation techniques.
  • Experience with network mapping, vulnerability scanning, and penetration testing methodologies.
  • Familiarity with NIST 800-series standards and cybersecurity best practices.
  • Experience developing scripts, payloads, or custom testing tools.
  • Strong analytical, problem-solving, and communication skills.
  • Preferred Certifications
      One or more of the following certifications is strongly preferred:
      • CWES (preferred)
      • CWEE (preferred)
      • OSCP
      • OSWA
      • OSWE
      • CRTO
      • GWAPT
      • Other relevant hands-on offensive security certifications
  • Experience with cloud environments and post-exploitation activities.
  • Experience with Active Directory security assessments.
  • Familiarity with FISMA compliance requirements.
  • Experience supporting government or regulated industry clients.
  • Proficiency with common offensive security tools and frameworks.

COMPENSATION & BENEFITS

At SIXGEN, we are committed to fair and equitable compensation practices. Compensation for this role will be based on experience, qualifications, technical expertise, and overall alignment with the position.

Additionally, SIXGEN offers top-tier benefits for full-time employees, including:

  • Employer-paid health insurance premiums (medical, dental, vision) for you and your family
  • Employer-paid short/long term disability insurance and basic life/AD&D insurance
  • 401K with a 4% employer contribution
  • Professional development reimbursement options available (training, certification, education, etc.)
  • Flexible and remote work policies for most positions
  • Flexible PTO and holiday schedule

For more information, please reach out to our Director of Human Resources, Amy Maxwell, at amy.maxwell@sixgen.io.

OUR COMMITMENT

SIXGEN is an Equal Opportunity Employer. We ensure that all applicants are considered for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, protected veteran status, or

Benefits

  • Health insurance
  • Dental insurance
  • Vision insurance
  • 401(k)
  • Paid time off
  • Remote work options
  • Flexible schedule

Additional Information

SIXGEN's mission is to deliver agile, mission-ready cybersecurity solutions that empower government and critical infrastructure organizations to stay ahead of advanced cyber threats. We combine innovation, deep expertise, and cutting-edge capabilities to uncover vulnerabilities, protect vital systems, and ensure operational superiority in an ever-evolving digital landscape.

POSITION OVERVIEW

  • Position: Senior Web Application Penetration Tester
  • Job Type: Full-time
  • Location: Maryland, Northern Virginia, or Remote
  • Clearance Requirements: Must be able to obtain a Secret Clearance
  • Travel Requirements: Up to 10%
  • Experience: 5+ years
  • Salary: $125,000-$145,000

