Sr. Penetration Tester in BOLIVIA

Are you a cybersecurity professional who thrives in a remote work environment? We are seeking a talented and motivated Penetration Tester to join our team, focusing on securing web services and cloud infrastructure for a growing startup. This fully remote position allows you to apply your expertise in ethical hacking and cloud security. If you're passionate about ethical hacking, protecting digital assets and want to make a real impact on a company's security posture, we want to hear from you!

Conduct comprehensive penetration tests on web services to identify vulnerabilities and exploit potential weaknesses; work closely with development and operations teams to remediate issues and implement secure coding practices; prepare detailed reports with risk assessments and actionable recommendations, specifically focusing on web application security; assess and monitor AWS infrastructure configurations to ensure security best practices are followed; stay current on the latest security threats, particularly those affecting web technologies, and apply this knowledge to refine testing methodologies; contribute to the continuous improvement of security protocols with a focus on safeguarding web services.

• Proven experience as a Penetration Tester or Ethical Hacker, with a strong focus on web application security.
• In-depth knowledge of web service vulnerabilities, including common attack vectors and the OWASP Top Ten.
• Proficiency with penetration testing tools such as Burp Suite, Metasploit, and Nmap, with a particular emphasis on tools suited for web services.
• Experience with AWS security best practices, particularly in securing web-hosted environments.
• Strong report-writing skills, with the ability to clearly communicate technical findings to both technical and non-technical stakeholders.
• Knowledge of scripting and programming languages such as Python, JavaScript, or PowerShell, particularly for web-based exploits.
• Strong analytical and problem-solving skills, with attention to detail.
• Ability to work independently and manage multiple remote projects simultaneously.

• OSCP (Offensive Security Certified Professional) or similar certifications.
• Knowledge of container security, especially in environments hosting web services using Docker or Kubernetes.
• Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
• Hands-on experience with AWS-specific security tools like AWS Inspector, GuardDuty, or CloudTrail.

• 100% work from home.
• Competitive salaries in USD based on seniority, experience and skill-sets.
• Financial support for training and certifications.
• Career development.
• Performance bonuses.