Location: Work At Home

Penetration tester / Ethical hacker (Freelance – Position, Working from Home)

We are looking to expand the team of penetration testers / ethical hackers to engage in vulnerability assessments and manual penetration tests in a private bug bounty model for web, mobile and desktop applications, APIs, network systems and more, covering a full suite of services for the vast Applause customer base worldwide.

If you enjoy tinkering with systems and exploiting vulnerabilities in applications, joining the Applause security team can be your next step in building a global reputation. You will gain significant additional exposure to clients and applications you'd never have seen otherwise, while working in a team composed of seasoned experts and junior, entry-level penetration testers and earning money for the valid vulnerabilities you identify and document.

The main difference from the public bug bounties of other large companies? You can sometimes find issues within just a few minutes, because the apps you'll test are not hardened and competition is much smaller than on a public bounty program. You can also see issues reported by other testers in real time, which you won't find elsewhere. SQL injections, remote code executions, serious access control flaws, IDOR, buffer overflows etc. are all within reach in these projects. When's the last time you were allowed to exploit one of those for real?

The successful candidates will primarily be working in the areas of:

  • Application penetration testing
  • Internal & External Network & infrastructure penetration testing
  • Secure application development lifecycle

You will be expected to have some experience in some or all of the above areas and will wish to further your career in this area.

You’ll need to have a passion for this area and understand what it means to use ethical hacking skills to help organisations protect their systems and information assets. You could be responsible for trying to break the most advanced defences in the world working with the best in your field across industries and sectors. You’ll need an enquiring mind, the tenacity to overcome technical challenges, and an ability to approach problems from different perspectives.

Job description

You will be conducting manual penetration tests on applications of varying complexity, from a simple-looking one-page website which will turn out to have issues across the whole OWASP Top 10, to extremely hardened enterprise CRM web applications, mobile applications with proprietary algorithms, space station infrastructure and more.

The work is usually performed remotely as part of a team of other penetration testing experts that you will both compete with and collaborate with. You will have insights into the findings of any of the other testers on the team, so you will have the ability to learn from the very best on every assessment and improve your skills.

You will use a common tool suite for web and mobile testing, including Kali Linux and Burp Suite (or other proxy tools you enjoy using), but you have free rein over the choice of tools unless specific project instructions restrict that.

Skills & Requirements

Key competencies required:

  • Using a variety of security testing tools and exploits to identify vulnerabilities and recommend corrective action to developers.
  • Strong interpersonal and communication skills.
  • Report-writing skills.

An understanding of, or practical experience in, the following is considered essential:

  • Application penetration testing
  • Network / infrastructure penetration testing
  • OWASP
  • Burp Suite or equivalent
  • Secure application development principles

Qualifications and Skills

  • Hands-on penetration testing experience
  • Strong technical understanding of current security trends and solutions.
  • Experience in at least one, preferably more than one, of the following areas:
    • Web application security
    • Mobile application security
    • API security
  • CREST or OSCP/OSCE certifications, CEH or equivalent, are preferable but not a strict requirement.

Bonus experience

  • You have found 0-day vulnerabilities and dealt with them in a responsible manner
  • Major vulnerabilities found in public bug bounty programs (with published results, e.g. blog post write up)

No office location Remote

burpsuite kali-linux nmap owasp
Student, Junior, Mid-Level Q&A, Quality Improvement

How To Apply For This Work At Home Job

For full contact details, click this link to visit the site where this ad originally appeared: https://stackoverflow.com/jobs/penetration-tester-ethical-hacker-freelance