All roles

Open role

Web Application Penetration Tester

Remote · Netherlands Full-time

Black Lantern Security is a Services Oriented Company

  • Black Lantern Security is built around the ingenuity, passion, and determination of our Operators and Analysts
  • No one "mastermind"
  • No "cult of personality"
  • Competitive compensation and benefits
  • Healthy work-life balance
  • Project-based engagements that play to the team's strengths

Web Application Penetration Tester Location: Remote Required:

  • Must be US citizen (must be willing to submit to federal, state, and local background checks and other requirements).
  • Experience in performing penetration testing on enterprise networks, web applications, and mobile applications.
  • Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.
  • Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON).
  • Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities.
  • Experience developing actionable intelligence based on open source intelligence (OSINT) gathering.
  • Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
  • Solid understanding of OWASP testing methodology.
  • Familiarity with front-end web application frameworks (i.e. AngularJS, Bootstrap, etc).
  • Capable of working effectively and efficiently with minimal supervision.
  • Strong written and verbal English language skills.
  • Demonstrated ability to:
  • Adhere to the highest standards of honesty and scientific and business integrity.
  • Think critically about complex problems and situations.
  • Consider emerging vulnerabilities and threats from within the context of organizational risk and business impact(s).
  • Develop novel attack vectors based on newly discovered vulnerabilities.
  • Possess a basic understanding of regulatory standards and requirements including the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and the Gramm-Leach-Bliley Act (GLBA).

Preferences:

  • Web application development or source code review experience.
  • Strong knowledge of Windows and Linux operating systems.
  • Working knowledge of containerized applications and container-based security controls and configurations.Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)

Responsibilities:

  • Conduct assessments of web applications, mobile applications, databases, client-side applications and tools, and APIs.
  • Execute manual and automated code analysis to assess the quality and security of source code.
  • Perform pre-assessment research and preparation including reconnaissance, documentation and configuration review, and customer interviews.
  • Develop custom tools and exploits.
  • Analyze security findings, including risk analysis and root cause analysis.
  • Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigations.
  • Develop and deliver walkthrough(s), proof(s) of concept (PoCs), articles, and formal presentations.
  • Execute verification and validation testing for customer mitigations and fixes.

More open positions

Penetration Tester (Java/ Ethical Hacking focus) - Hybrid - Contract to Hire

Work from home Full-time role

Penetration Tester (W-2 or 1099 | U.S.-Based)

Work from home Full-time role

QA Engineer | $42/hr Remote

Work from home Full-time role

ICF Incorporated, LLC: Senior Quality Assurance Engineer – Reston, VA

Work from home Full-time role

Software QA Engineer - REMOTE WORK ( no H-1Bs , no 1099 / C2C candidates )

Work from home Full-time role

Digital Engineer - AVEVA System Support Specialist

Work from home Full-time role

QA Lead

Work from home Full-time role

Technology Product Owner

Work from home Full-time role

IONM Clinical Education Specialist

Work from home Full-time role

Quality Assurance Technical Representative (Eastern North Carolina)

Work from home Full-time role

[Remote] Billing Supervisor - Healthcare

Work from home Full-time role

Senior Client Executive-Automotive (US-Remote)

Work from home Full-time role

UX Designer - In-Store Digital Media & ESL

Work from home Full-time role

Provisionally Licensed Psychologist/ Post-Doctoral Fellow

Work from home Full-time role

Remote Admin Assistant

Work from home Full-time role

Remote Data Entry Associate – Entry-Level Typing & Digital Records Management for Teens (Work From Home) at careerzynith

Work from home Full-time role

Patient Service Representative (Remote – Full Time)

Work from home Full-time role

OpenShift Engineer

Work from home Full-time role

Educational Sales Consultant

Work from home Full-time role

[Remote] Senior Linux Kernel & Driver Engineer – HPC/AI Fabrics

Work from home Full-time role

Field Medical Director_Oncology STEP (non-MD)

Work from home Full-time role