Senior Penetration Tester (WebApp and Network)

at  Rapid Strategy

Rapid Strategy is seeking a Senior Penetration Test Consultant for both web apps and network. Rapid Strategy is an award-winning and African-American owned small business providing cybersecurity services to the private and public sector. Based in Charlotte, NC, we support our clients across the North Carolina and DMV area. You can learn more about Rapid Strategy at www.RapidStrategy.io
The primary objective of the Penetration Tester is to simulate cyber attacks on web applications to identify security vulnerabilities before they can be exploited by malicious actors. This role involves a combination of analytical skills, technical expertise, and creativity to simulate real-world hacking scenarios.

Key Responsibilities:

• Conducting thorough penetration tests on web applications to identify vulnerabilities.
• Utilizing various penetration testing tools and methodologies to simulate cyber attacks.
• Analyzing web applications for weaknesses and vulnerabilities using manual and automated methods.
• Understanding and exploiting known web vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and others.
• Preparing detailed reports on findings and providing recommendations for security improvements.
• Collaborating with development teams to advise on security best practices.
• Keeping abreast of the latest cybersecurity threats and testing methodologies.

Required Skills and Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 5+ years of experience
• Industry certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Web Application Penetration Tester (GWAPT).
• Strong understanding of web application technologies and protocols (HTTP/HTTPS, HTML, JavaScript, etc.).
• Proficiency in using penetration testing tools like Burp Suite, OWASP ZAP, Metasploit, SQLMap, etc.
• Experience with known exploits and their mitigation.
• Ability to analyze and report on penetration testing outcomes effectively.
• Excellent problem-solving and analytical skills.
• Strong communication skills for collaboration with cross-functional teams.

Desirable Skills:

• Experience with programming/scripting languages such as Python, JavaScript, or Ruby.
• Knowledge of network security and operating systems.
• Familiarity with cloud environments and container technologies

This role will be primarily remote but may require travel to Suffolk, VA.
Please note that this position requires applicants to be U.S. citizens and based in the United States. Only individuals who meet these criteria will be considered for employment

• Conducting thorough penetration tests on web applications to identify vulnerabilities.
• Utilizing various penetration testing tools and methodologies to simulate cyber attacks.
• Analyzing web applications for weaknesses and vulnerabilities using manual and automated methods.
• Understanding and exploiting known web vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and others.
• Preparing detailed reports on findings and providing recommendations for security improvements.
• Collaborating with development teams to advise on security best practices.
• Keeping abreast of the latest cybersecurity threats and testing methodologies