Penetration Tester

TL;DR

Penetration Tester (Cybersecurity): Conduct controlled penetration testing of applications, cloud environments, and infrastructure to identify and remediate security vulnerabilities with an accent on exploit development, risk documentation, and collaboration with engineering. Focus on applying modern attack techniques, security frameworks, and cloud security to strengthen platform security and promote security awareness across the organization.

Location: Remote within the United States, excluding Chicago city limits. Candidates must be U.S. citizens or lawful permanent residents due to federal security requirements.

Salary: $140,000–$170,000 per year (varies by state)

Company

hirify.global automates IT endpoint management, security, and control for over 30,000 customers, focusing on productivity, security risk reduction, and cost savings.

What you will do

• Perform controlled penetration testing of applications, cloud environments, and infrastructure, demonstrating exploitability and documenting risks and remediation.
• Collaborate with engineering teams to validate vulnerabilities and support secure design and remediation.
• Develop custom tools or scripts to support penetration testing and automation.
• Monitor and triage bug bounty submissions, confirming valid findings and routing appropriately.
• Stay current on emerging threats and cybersecurity trends to guide security initiatives.
• Create clear reports and presentations for technical and executive stakeholders.

Requirements

• Must be a U.S. citizen or lawful permanent resident due to FedRAMP security requirements.
• Cannot be located within Chicago city limits but candidates outside or willing to self-relocate are considered.
• 2+ years of hands-on penetration testing experience and 4+ years in cybersecurity roles.
• Strong knowledge of security protocols, cryptography, authentication, authorization, and modern attack techniques.
• Proficiency with penetration testing tools and scripting languages (Java, Kotlin, C++, Python, Go).
• Familiarity with security frameworks (OWASP, NIST), threat modeling, and system hardening standards.

Nice to have

• Security certifications such as OSCP, Security+, CISSP, or CISM.
• Experience with cloud-native application security and cloud security architecture.

Culture & Benefits

• Hybrid remote work with flexibility.
• Comprehensive medical, dental, and vision insurance.
• 401(k) retirement plan.
• Unlimited paid time off.
• Opportunities for growth and advancement.