Cyber Security Research Engineer (Penetration Testing)

TL;DR

Cyber Security Research Engineer (Penetration Testing): Conducting application penetration testing and security research for complex web and mobile systems with an accent on manual testing, business-logic abuse, and DAST tool optimization. Focus on identifying vulnerabilities, performing deep defect analysis, and collaborating with development teams to ensure robust remediation.

Location: Must be based in Charlotte, North Carolina

Salary: $65–$70/hr

Company

hirify.global is a leading provider of information technology and workforce solutions with a large professional network across the U.S. and Canada.

What you will do

• Conduct application penetration testing across web, API, and mobile platforms.
• Configure and tune automated DAST tools to improve coverage and discovery.
• Perform deep defect analysis and reproduce chained attack paths.
• Produce clear technical reports with evidence and remediation guidance.
• Collaborate with security and application teams to prioritize and resolve defects.
• Support continuous improvement of testing methodologies and industry standards.

Requirements

• 4+ years of Cyber Security Research experience or equivalent.
• 2+ years of hands-on application penetration testing experience, including manual testing.
• 2+ years of DAST experience, including tool configuration and manual verification.
• Advanced proficiency with testing tools like Burp Suite, Invicti, WebInspect, and Fiddler.
• Strong knowledge of application security and OWASP Top 10.
• Experience with scripting and automation using Python or Shell.

Nice to have

• Security certifications such as OSCP, BSCP, GWAPT, GPEN, or GXPN.

Culture & Benefits

• Access to medical, dental, and vision insurance.
• 401K contributions.
• Paid time off and sick leave.
• Professional environment focused on compliance and security best practices.