Senior Web Application Penetration Tester — SIXGEN (Remote, US)

SIXGEN is hiring a Senior Web Application Penetration Tester to perform black-box web application assessments, deliver clear remediation guidance, and support cyber and intelligence missions. This remote US role favors candidates who can obtain a Secret clearance and who bring hands-on offensive experience with Burp Suite, Kali tooling, and modern web APIs.


Why this role matters

As a Senior Web Application Penetration Tester at SIXGEN you will simulate realistic adversaries, identify critical vulnerabilities, and produce actionable findings that protect government and critical infrastructure systems. Your assessments will directly influence defensive posture and mission success.

What you’ll do

  • Conduct black-box web application penetration tests to find SQLi, XSS, CSRF, XXE, RCE, deserialization and logic flaws.
  • Independently enumerate targets using a bug-bounty style methodology and simulate real-world attack chains.
  • Analyze architecture and source code when available to surface deeper, logic-based issues.
  • Document findings with risk ratings, reproducible steps and clear remediation guidance.
  • Develop offensive tools and automations to scale testing capabilities.
  • Test web APIs (REST, SOAP, JSON, XML) and evaluate integrations and authentication flows.
  • Stay current with threat trends, tooling and defensive mitigations; share learnings with the team.

Required qualifications

  • US Citizen eligible to obtain a Secret clearance.
  • Minimum 5 years hands-on web app penetration testing experience.
  • OSCP or equivalent practical certifications strongly preferred (OSWE, GWAPT, CBBH, CWEE).
  • Proven experience with Burp Suite, Kali Linux, Nmap, Metasploit, Nuclei, Nessus and similar tools.
  • Experience with OSINT, offensive tooling, and scripting (Python, Bash, Terraform, Ansible or similar).
  • Familiarity with FISMA and NIST 800-series frameworks and formal testing methodologies.
  • Strong written and verbal communication for clear client reporting.

Compensation & benefits

Salary range: $100,000 – $145,000 USD (base salary estimate). SIXGEN also offers employer-paid health coverage, disability and life insurance, 401K with employer contribution, professional development reimbursement, flexible PTO, and remote work policies.

Apply

To apply, visit the official job posting: https://weworkremotely.com/remote-jobs/sixgen-inc-senior-web-application-penetration-tester


Sample CV / Resume

Name: Daniel Carter
Location: Remote (US)
Email: daniel.carter@email.com
Phone: (555) 555-5555
LinkedIn: linkedin.com/in/danielcarter
GitHub: github.com/daniel-carter

Professional Summary:
Senior Web Application Penetration Tester with 7+ years performing black-box and source-aided assessments for high-value targets. Strong background in offensive tooling, web API testing, and delivering clear, prioritized remediation recommendations. Familiar with NIST 800-series and FISMA-aligned reporting.

Experience:
Senior Penetration Tester — RedSky Security (2019–Present)

* Led full-scope web app assessments for government and critical infrastructure clients.
* Discovered multiple critical vulnerabilities, produced high-quality technical and executive reports.
* Developed custom scanning automations and orchestration scripts to increase test coverage.

Penetration Tester — SecureOps (2016–2019)

* Conducted web and API testing, produced remediation plans and delivered client briefings.
* Assisted in building offensive tooling to validate complex authentication flows.

Education & Certifications:
B.S. Computer Science — University of Maryland (2015)
OSCP, GWAPT, CCNA (security-focused continuing education)

Technical Skills:
Burp Suite, Kali Linux, Metasploit, Nuclei, Nessus, Nmap, Python, Bash, Terraform, Ansible, REST/SOAP APIs, OWASP methodologies, CI/CD security checks

Select Achievements:

* Responsible disclosure: credited in multiple CVEs for web app vulnerabilities.

Sample Cover Letter

[Date]

Hiring Manager
SIXGEN

Dear Hiring Manager,

I am applying for the Senior Web Application Penetration Tester position. With seven years of hands-on web application testing and practical certifications, I have repeatedly identified critical vulnerabilities and translated technical findings into usable remediation roadmaps.

At RedSky Security I led assessments using Burp Suite and custom tooling to uncover complex logic flaws and insecure API patterns. I produce concise technical reproductions and executive summaries that help clients prioritize fixes. I welcome the opportunity to bring my offensive skills and reporting discipline to SIXGEN.

Sincerely,
Daniel Carter

Sample Motivation Statement

I am driven to reduce risk to mission-critical systems by simulating realistic adversaries. Continuous learning, building offensive tooling, and producing clear, actionable reports motivate my work. Working with SIXGEN’s mission-focused team aligns with my goal of protecting critical infrastructure.

Sample Email to Apply

Subject: Application — Senior Web Application Penetration Tester

Dear Hiring Team,

Please find attached my CV and cover letter for the Senior Web Application Penetration Tester role. I have extensive experience in web application testing, familiarity with NIST frameworks, and a strong track record of delivering prioritized remediation guidance.

APPLY ONLINE: https://weworkremotely.com/remote-jobs/sixgen-inc-senior-web-application-penetration-tester

Best regards,
Daniel Carter
daniel.carter@email.com
(555) 555-5555


Interview Preparation Guide — Senior Web Application Penetration Tester

Role-specific questions (8–12)

  • Describe a real-world web app chain of exploits you discovered and how you exploited it end-to-end.
  • How do you approach testing a single-page app that relies heavily on client-side logic?
  • Explain the steps you take to test RESTful and SOAP APIs for business logic flaws.
  • Which Burp Suite features and extensions do you rely on and why?
  • How do you validate a suspected deserialization or RCE vulnerability manually?
  • Describe how you build and use custom tooling or scripts during an engagement.
  • How do you ensure your findings are reproducible by engineering teams?
  • Explain how you map findings to NIST or FISMA controls in your reporting.

Suggested talking points / answers

  • Structure answers: Context → Technical approach → Evidence → Impact → Remediation. Use clear examples with measurable outcomes.
  • Mention specific tools and plugins (Burp Intruder, Collaborator, Repeater, extensions) and why they were useful.
  • Explain manual validation steps: payload construction, encoding/decoding, tamper chains, and how to avoid false positives.
  • When discussing APIs, show how you test authentication, authorization, rate limiting and business logic boundaries.
  • Reference NIST mappings and how you prioritise remediation based on impact and exploitability.

General interview questions (5–7)

  • Tell us about your background and most impactful assessment.
  • Why SIXGEN and why this role?
  • How do you stay current with new vulnerabilities and attack techniques?
  • Describe a time you communicated a difficult finding to a non-technical stakeholder.
  • How do you manage competing deadlines and multiple concurrent engagements?

Do’s & Don’ts

Do’s

  • Do prepare concrete examples with clear technical steps and impact metrics.
  • Do show familiarity with Burp Suite workflows and manual testing techniques.
  • Do reference frameworks (OWASP, NIST) when explaining prioritisation.
  • Do show how you produce reproducible findings and remediation suggestions.
  • Do discuss tooling you built or automated to increase test coverage.
  • Do ask about client environments, clearance expectations, and team structure.

Don’ts

  • Don’t provide vague answers—be specific about techniques and results.
  • Don’t overclaim experience with clearance processes if unfamiliar.
  • Don’t focus only on tools—explain methodology and reasoning.
  • Don’t reveal sensitive exploit code in public interview notes; discuss methodology instead.

Preparation checklist

  • Prepare 3–4 detailed STAR examples from recent pentests with key metrics.
  • Refresh Burp Suite workflows, Collaborator usage and common extensions.
  • Have a short demo or sanitized write-up ready (no sensitive data) to illustrate techniques.
  • Review NIST 800-series mappings for reporting and compliance discussion.
  • Verify your remote interview environment: VPN, screen sharing, and recording permissions.

Extra pro tips

  • When possible, quantify impact (number of affected endpoints, ease of exploit, potential data exposure).
  • Discuss detection and mitigation strategies as well as exploitation steps—defenders appreciate both sides.
  • If asked about weaknesses, describe a concrete learning path or recent course you completed.

Tips to Work With — Senior Web Application Penetration Tester

1. Overview

Role definition: A Senior Web Application Penetration Tester assesses web-facing assets, simulates adversaries, and delivers prioritized remediation that aligns with compliance frameworks. Core responsibilities include reconnaissance, exploitation, reporting and tooling development. This role is critical to reducing risk in government and infrastructure environments.

2. Step-by-step process (how the role is executed)

Typical engagement workflow (text-based):

  • Scope & rules of engagement defined with client.
  • Passive reconnaissance and OSINT to map attack surface.
  • Active scanning and manual probing (Burp, Nmap, Nuclei).
  • Exploit development and proof-of-concept creation where safe.
  • Reporting: technical details, risk rating, remediation steps.
  • Optional post-test validation to confirm remediations.

Tools, documents and platforms

  • Burp Suite Pro, OWASP ZAP — active and manual testing.
  • Kali Linux tools: Nmap, Metasploit, Nikto, etc.
  • Nuclei, Nessus for automated scanning and templated checks.
  • Python/Bash for scripting and custom tooling; Terraform/Ansible for infra automation.
  • Reporting templates mapped to NIST/FISMA controls and CVSS for severity.

3. Illustrative example (Problem → Solution)

Problem: An API endpoint allowed unauthenticated access to a parameter that triggered data aggregation, exposing sensitive records when queried with crafted payloads.

Solution: Identified the logic flaw through parameter tampering, produced a reproducible PoC, recommended strict server-side authorization checks and rate limiting, and suggested adding input validation and monitoring rules. Result: access controls were implemented and anomalous queries were blocked in production.
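The Problem → Solution above in code, as an added illustration that is not part of the original posting: a vulnerable aggregation handler that trusts a client-chosen "owner" parameter with no authentication, beside a hardened handler that enforces the recommended server-side authorization check, rate limiting, input validation and a denial log that monitoring rules can consume. The request type, handler names, record store and limits are all constructed for this example; no web framework is used so it runs offline.

```python
"""Constructed example: unauthenticated data-aggregation endpoint, before and after.

The vulnerable handler lets any caller sum any tenant's records.
The hardened handler requires authentication, rate-limits per client,
validates the parameter, and only allows a client to aggregate its own data.
"""
import time
from collections import defaultdict, deque
from dataclasses import dataclass, field
from typing import Deque, Dict, List, Optional, Tuple

# Constructed sample data store: records belonging to two tenants.
RECORDS = [
    {"id": 1, "owner": "acme", "amount": 120},
    {"id": 2, "owner": "acme", "amount": 80},
    {"id": 3, "owner": "globex", "amount": 500},
]


@dataclass
class Request:
    """Minimal stand-in for an HTTP request (assumed shape, not a real framework)."""
    client_id: Optional[str]          # None means the caller is unauthenticated
    params: Dict[str, object]
    now: float = field(default_factory=time.time)


def aggregate(owner: str) -> int:
    """Sum the amounts of all records belonging to `owner`."""
    return sum(r["amount"] for r in RECORDS if r["owner"] == owner)


def handle_aggregate_vulnerable(req: Request) -> Tuple[int, dict]:
    """The flaw from the write-up: no authentication, and the client picks whose data is summed."""
    owner = req.params.get("owner")
    return 200, {"owner": owner, "total": aggregate(owner)}


class RateLimiter:
    """Sliding-window limiter: at most `limit` requests per `window` seconds per client."""

    def __init__(self, limit: int, window: float) -> None:
        self.limit = limit
        self.window = window
        self.calls: Dict[str, Deque[float]] = defaultdict(deque)

    def allow(self, client_id: str, now: float) -> bool:
        q = self.calls[client_id]
        while q and now - q[0] >= self.window:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


LIMITER = RateLimiter(limit=5, window=60.0)
DENIED: List[Tuple[str, str]] = []   # (client, requested owner) pairs for monitoring rules


def handle_aggregate_hardened(req: Request) -> Tuple[int, dict]:
    """Same endpoint with server-side authorization, rate limiting and input validation."""
    if req.client_id is None:
        return 401, {"error": "authentication required"}
    if not LIMITER.allow(req.client_id, req.now):
        return 429, {"error": "rate limit exceeded"}
    owner = req.params.get("owner")
    if not isinstance(owner, str) or not owner.isalnum():
        return 400, {"error": "invalid owner parameter"}
    if owner != req.client_id:                   # authorization decided server-side, never by the parameter
        DENIED.append((req.client_id, owner))
        return 403, {"error": "forbidden"}
    return 200, {"owner": owner, "total": aggregate(owner)}


if __name__ == "__main__":
    print(handle_aggregate_vulnerable(Request(None, {"owner": "globex"})))
    print(handle_aggregate_hardened(Request(None, {"owner": "globex"})))
    print(handle_aggregate_hardened(Request("acme", {"owner": "globex"})))
    print(handle_aggregate_hardened(Request("acme", {"owner": "acme"})))
```

The ordering inside the hardened handler is deliberate: the rate limiter runs before the authorization check so that a client probing other tenants' identifiers burns its own budget and leaves a trail in DENIED, which is the kind of signal the "monitoring rules" in the solution would alert on.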

4. Learning & Resources (backlinks)

Suggested upskill resources:
