Penetration Tester

About Workstreet

At Workstreet, we’re on an exciting journey to help businesses scale securely by building and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in compliance frameworks like SOC 2, ISO 27001, and GDPR, empowering companies to meet regulatory standards and strengthen their cybersecurity posture from day one. We’ve partnered with Vanta, which has significantly driven our business and contributed to our growth!

We are seeking a highly motivated and detail-oriented Penetration Tester to join our fast-growing team. The ideal candidate will have a solid background in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF. They should possess excellent communication skills and the ability to manage multiple cybersecurity compliance projects simultaneously. The ideal candidate will also have experience overseeing or managing a small team.




Responsibilities:

  • Perform security assessments and penetration tests on web applications, mobile applications, networks, and systems.
  • Identify, document, and report security vulnerabilities and weaknesses.
  • Provide detailed recommendations for security improvements and remediation.
  • Collaborate with development and operations teams to ensure vulnerabilities are effectively mitigated.
  • Conduct social engineering assessments to identify human-related security risks.
  • Stay current with the latest security threats, vulnerabilities, and technologies.
  • Develop and maintain security testing methodologies and tools.
  • Assist in incident response activities and investigations as needed.
  • Participate in security training and awareness programs for employees.
  • Contribute to the continuous improvement of security policies, procedures, and standards
  • Develop client-facing reports using industry best practices for penetration tests.

Must-have Qualifications:

  • Proven experience as a Penetration Tester or similar role.
  • Strong knowledge of security assessment tools and methodologies.
  • Expertise in identifying and exploiting vulnerabilities in various systems and applications.
  • Excellent problem-solving and troubleshooting skills.
  • Proficiency in written and spoken English.
  • Ownership of a computer capable of running modern security tools and software.
  • Ability to work within the US Eastern timezone.
  • Relevant certifications such as CEH, OSCP, or similar.

Nice to Have:

  • Experience with cloud security assessments (AWS, GCP, Azure).
  • Familiarity with compliance standards such as SOC 2, GDPR, or HIPAA.
  • Previous experience working for a tech company.
  • Experience thriving in a fast-paced startup environment.

Requirements:

  • Must be amenable to work US Eastern Time zone hours.
  • Fluency in written and spoken English.
  • Can start immediately.

Delivery

Remote (Philippines)

Remote (India)

Remote (South Africa)

Share on:

Terms of servicePrivacyCookiesPowered by Rippling