Senior Web Application Penetration Tester
SIXGEN
Senior Web Application Penetration Tester
Annapolis, Maryland
SIXGEN's mission is to deliver agile, mission-ready cybersecurity solutions that empower government and critical infrastructure organizations to stay ahead of advanced cyber threats. We combine innovation, deep expertise, and cutting-edge capabilities to uncover vulnerabilities, protect vital systems, and ensure operational superiority in an ever-evolving digital landscape.
Position Overview
Position: Senior Web Application Penetration Tester Job Type: Full-time Location: Maryland, Northern Virginia, or Remote Clearance Requirements: Must be able to obtain a Secret Clearance Travel Requirements: Up to 10% Experience: 5+
What You'll Do
We are seeking a skilled and motivated Senior Web Application Penetration Tester to join our growing cyber operations team. The ideal candidate will possess deep expertise in web application security testing, vulnerability research, and exploitation techniques, with the ability to identify complex attack paths and develop creative solutions to challenging security problems.
This role goes far beyond automated scanning. Successful candidates will conduct in-depth assessments of web applications, APIs, mobile applications, and supporting infrastructure while leveraging custom tooling, manual testing techniques, and advanced exploitation methodologies to uncover impactful security findings.
Key Responsibilities
Web Application Security Assessments
- Conduct penetration testing of web applications, APIs, mobile applications, databases, and client-side technologies.
- Perform application enumeration, endpoint discovery, vulnerability research, and exploitation activities.
- Identify, validate, and assess vulnerabilities across complex environments.
- Analyze attack paths and security weaknesses to determine business and operational impact.
Technical Analysis & Research
- Develop and utilize custom tools, scripts, and payloads to support testing activities.
- Perform network mapping, vulnerability analysis, and security assessments across applications and supporting infrastructure.
- Research emerging vulnerabilities, attack techniques, and exploitation methodologies.
- Support post-exploitation activities involving cloud and enterprise environments when applicable.
Client Engagement & Reporting
- Collaborate with clients and internal teams to define scope, review findings, and recommend remediation strategies.
- Communicate technical concepts and findings to both technical and non-technical stakeholders.
- Produce comprehensive reports, including detailed findings, exploitation procedures, risk analysis, and mitigation recommendations.
- Participate in client meetings and provide ongoing updates throughout assessment activities.
Qualifications
- 5+ years of experience in web application penetration testing or offensive cybersecurity.
- Demonstrated experience conducting manual web application security assessments.
- Knowledge of modern web application vulnerabilities, attack methodologies, and exploitation techniques.
- Experience with network mapping, vulnerability scanning, and penetration testing methodologies.
- Familiarity with NIST 800-series standards and cybersecurity best practices.
- Experience developing scripts, payloads, or custom testing tools.
- Strong analytical, problem-solving, and communication skills.
Preferred Certifications
One or more of the following certifications is strongly preferred:
- OSCP (Preferred)
- OSWA
- OSWE
- CRTO
- CBBH
- GWAPT
- Other relevant hands-on offensive security certifications
Preferred Qualifications
- Experience with cloud environments and post-exploitation activities.
- Experience with Active Directory security assessments.
- Familiarity with FISMA compliance requirements.
- Experience supporting government or regulated industry clients.
- Proficiency with common offensive security tools and frameworks.
Compensation & Benefits
At SIXGEN, we are committed to fair and equitable compensation practices. Compensation for this role will be based on experience, qualifications, technical expertise, and overall alignment with the position.
Additionally, SIXGEN offers top-tier benefits for full-time employees, including:
- Employer-paid health insurance premiums (medical, dental, vision) for you and your family
- Employer-paid short/long term disability insurance and basic life/AD&D insurance
- 401K with a 4% employer contribution
- Professional development reimbursement options available (training, certification, education, etc)
- Flexible and remote work policies for most positions
- Flexible PTO and holiday schedule
Our Commitment
SIXGEN is an Equal Opportunity Employer. We ensure that all applicants are considered for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.
We are committed to fostering an inclusive culture that values diversity in our people, reflecting the communities we serve and our customer base. We strive to attract and retain a diverse talent pool and create an environment where everyone is empowered to be their authentic selves at work.
Vacancy posted 18 hours ago
Similar jobs that could be interesting for youBased on the Senior Web Application Penetration Tester in Annapolis, MD vacancy
$100k - $145k
...Headquarters: Remote URL: POSITION OVERVIEW Position: Senior Web Application Penetration Tester Job Type: Full Time Location: Remote US. Proximity to Maryland or Virginia is a plus, but not required Clearance Requirements: Ability to obtain a Secret...SeniorWebFull timeTemporary workWork experience placementRemote workFlexible hoursCloudDevs
Annapolis, MD2 days ago- Job Overview Application Penetration Tester at ASM Research, an Accenture Federal Services Company located in Annapolis, MD. In this role you will safeguard web applications and REST APIs by applying deep knowledge of OWASP Top10 and SANS25 to identify, mitigate, and remediate...WebContract workWork at office
$150k - $190k
...Security. Role Description: A Lead Penetration Tester is needed to join a high performing... ...develop mitigation strategies. Perform web app pentests. Perform vulnerability... ...familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective...SeniorWebFor subcontractorLocal areaFlexible hoursShift workNavstar
Annapolis, MD18 hours ago$150k - $220k
...Belay Technologies is seeking a Lead Penetration Tester to join their intel team. The PT is needed... ...mitigation strategies. Perform web app pentests. Perform vulnerability... ...strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective...SeniorWebContract workWork experience placementLocal areaFlexible hoursShift workBelay Technologies
Annapolis, MD3 days ago$2,500 per month
...Testing Events by conducting penetration testing, publishing results,... ...functionality to ensure uniform application of security policy and... ...mitigation strategies. Performing web app pen tests. Performing vulnerability... ...Web Applications Penetration Tester (GWAPT) GIAC Penetration...SeniorWebImmediate startProdigyOne
Annapolis, MD4 days ago$131.3k - $237.35k
...Senior ISSE/Penetration Tester Leidos has an exciting and challenging opportunity for a Senior ISSE... ...and functionality to ensure uniform application of security policy and enterprise solutions... ...mitigation strategies. Performing web app pen tests. Performing...SeniorWebImmediate startFlexible hoursLeidos
Annapolis, MD4 days ago- Job Title: Senior Database Vulnerability Analyst Location: Fort Meade, MD 20755 Clearance... ...Clearance Requirements: Serve as an application technical specialist for assets connected... ...meetings to provide cyber oversight for web changes that affect the level of risk Recommend...SeniorWebFull timeWork experience placementCasual work
- ...evaluate results to ensure compliance with applicable regulations G. Design and prepare all... ...(8) years of experience as an analyst/tester on software projects in supporting requirement... ...testing tools. Experience in testing Web application, Mobile application in a...SeniorWebFull timeTemporary workFlexible hours
Interclypse
Annapolis, MD4 days ago $210k - $220k
...Description: A Lead Penetration Tester is needed to join a high performing agile... ...develop mitigation strategies. Perform web app pentests. Perform vulnerability... ...strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective...WebFull timeContract workTemporary workWork experience placementLocal areaImmediate startShift workUnisity LLC
Annapolis, MD3 days ago- ...About the role Seeking a skilled Lead Penetration Tester to join a high-performing agile team... ...response, with a strong background in web development and security tools. This role... ...strategies. Conduct web application penetration tests and vulnerability risk...WebShift work
Falcon IT & Staffing Solutions
Annapolis, MD4 days ago $40 per hour
...directly shapes the next generation of AI security models Qualifications 2+ years of hands‑on experience in cybersecurity (e.g., penetration testing, red teaming, incident response, detection engineering, DFIR, malware analysis, threat intelligence, or similar) Some coding...SeniorHourly payFull timePart timeRemote workDataAnnotation
Annapolis, MD1 day ago$2,500 per month
...Job Description: A Lead Penetration Tester is needed to join a high performing agile... ...testing tools. Must have experience in web development and programming languages such... ...strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective...WebLocal areaImmediate startShift workProdigyOne
Annapolis, MD4 days ago$131.3k - $237.35k
...Lead Penetration Tester Leidos has a new and exciting opportunity for a Lead Penetration... ...develop mitigation strategies. Perform web app pentests. Perform vulnerability... ...strong familiarity of the following Web Application tools; Burp Suite, Web Inspect,...WebLocal areaImmediate startFlexible hoursShift workLeidos
Annapolis, MD1 day ago$113k - $279k
...systems and software engineering services firm is seeking a Lead Penetration Tester to join their agile team. The role entails addressing... ...should have extensive experience with penetration testing tools, web development, and managing multiple projects. This position offers...Web- A cybersecurity firm is looking for a Penetration Tester to assess the security of systems and applications. In this role, you will conduct vulnerability and penetration tests, collaborate with analysts, and prepare reports on security findings. The ideal candidate will...Senior
- Lead Penetration Tester Leidos is hiring a Lead Penetration Tester in its National Security Sector's Cyber & Analytics Business Area. This... ...will perform internal and external penetration tests, web application tests, vulnerability risk assessments, physical pentests and...WebImmediate startFlexible hoursShift work
$120k - $250k
A technology solutions provider based in Maryland is hiring a Full Stack Developer to design and maintain web applications. Candidates should possess an active TS/SCI clearance and have 5+ years of relevant experience. The position involves collaboration with stakeholders...SeniorWeb- ...involves coding IT solutions, systems modeling, and providing technical consultation. Ideal candidates have 3 to 5 years of experience in web development, particularly with Ruby on Rails, and must possess an active TS/SCI with Full-scope Polygraph Clearance. Strong problem-...SeniorWeb
$100k - $145k
...A cybersecurity firm is seeking a Senior Web Application Penetration Tester to conduct web application testing and identify critical vulnerabilities. Candidates should have at least 5 years of experience, the ability to obtain a Secret Clearance, and knowledge of tools...SeniorWebRemote workCloudDevs
Annapolis, MD2 days ago$155k - $195k
...Server), systems integration and life cycle support, enterprise application development, network engineering, and information systems... ...state-of-the-art commercial products. We hire software engineers, web designers, test engineers, systems engineers, systems administrators...SeniorWebContract workWork experience placementFlexible hoursBelay Technologies
Annapolis, MD1 day ago$140k - $265k
...NMAP, PKI, Wireshark, auditing, penetration testing, scripting, IASAE,... ...encryption techniques/tools, and web services. Must have in-depth... ...assurance support for application development that includes system... ...Web Applications Penetration Tester (GWAPT) GIAC Penetration Tester...WebContract workTemporary workImmediate start- ...background in modern frameworks such as React and Angular. The role involves auditing legacy applications to improve usability, conducting user research, and designing responsive web interfaces while ensuring accessibility standards. Applicants need an active TS/SCI...SeniorWeb
- Interclypse, Inc. is seeking a Senior Computer Programmer to contribute to the modernization of critical systems for Maryland state agencies... ...and Node.js technologies, as well as experience with RESTful web services. The position is onsite in Maryland, offering an...SeniorWeb
- Overview Diverse Systems Group (DSG) is seeking an experienced Project Manager to lead and oversee IT and web-based system support efforts. This individual will serve as the primary point of contact, ensuring successful delivery, coordination, and performance across all...SeniorWeb
- ...Senior Java Architect Annapolis, MD Mandatory Qualifications: Eight years of experience... ...payments facilitation ecosystem for web apps and standalones; Both embedded... ...Solution, Design, and Development of applications and Web Services using J2EE framework, Spring...SeniorWeb
WATI
Annapolis, MD3 days ago - ...Inc. is looking for a Back-End Developer to contribute to transformative projects for federal clients. The role involves developing web-based, RESTful APIs, ensuring documentation and quality standards while working within a hybrid environment based in Maryland. The ideal...SeniorWeb
- A leading technology firm in Annapolis Junction seeks a Senior Software Engineer with extensive experience in software development. The role requires developing high-performance web applications using React and Next.js, analyzing user requirements, and integrating software...SeniorWeb
- ...want to hear from you! What you will do Lead Testing Efforts: Design and execute test strategies for complex, mission‑critical web applications. Own the Testing Lifecycle: Oversee the entire testing process, from planning and execution to reporting and release...SeniorWeb
- Ecompex is seeking a SME Open-Source Analyst in Annapolis Junction, MD, to support government clients with deep web analysis, intelligence reporting, and collaboration with leadership. Candidates must have a Bachelor’s degree, a Top-Secret security clearance, and at least...SeniorWebFlexible hours
$145k
...Maximus is seeking a Senior Back-End Developer to join our team! The Senior Back-End Developer... ...relevant experience performing back-end web design and development. ~ Demonstrated... ...~5 years of experience testing web-based applications. ~5 years of experience leading...SeniorWebContract workRemote workMAXIMUS
Annapolis, MD18 hours ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Web Application Penetration Tester. Be the first to apply!
Related searches
- ethical hacker Annapolis, MD
- penetration tester Annapolis, MD
- vulnerability analyst Annapolis, MD
- senior game producer Annapolis, MD
- senior manager process engineering Annapolis, MD
- senior manager clinical operations Annapolis, MD
- senior lead project manager Annapolis, MD
- senior manager quality engineering Annapolis, MD
- senior strategy analyst Annapolis, MD
- senior work from home Annapolis, MD