Penetration Tester Expert
About Sygnia Sygnia is a top tier cyber technology and services company that partners with organizations worldwide to proactively build cyber resilience and respond to advanced threats. We work closely with security and IT teams, senior leadership, and boards to help organizations prepare for, withstand, and recover from cyber attacks with confidence. Sygnia brings together elite cyber security professionals from military and commercial backgrounds, combining deep technical expertise with a practical, business focused approach. We support clients at every stage of their security journey, delivering high impact consulting, proactive security services, and incident response when it matters most. The Role We are looking for a talented Penetration Tester Expert to join Sygnia’s Adversarial Tactics Department. This is a fully remote role that offers the opportunity to work with global clients while collaborating closely with a highly skilled, distributed team. In this role, you will work directly with clients to strengthen the security of their applications by identifying real world attack paths and helping organizations improve their ability to prevent and withstand attacks. You will bring an attacker’s mindset to each engagement and play a critical role in improving the security posture of client services, platforms, products, and infrastructure.
What You Will Do
- Design and execute external penetration testing engagements against client environments, identifying exploitable weaknesses from an attacker’s perspective.
- Perform web application penetration testing, including authentication, authorization, business logic, and data handling assessments.
- Conduct source code reviews to identify security flaws, insecure patterns, and logic vulnerabilities.
- Use black box, gray box, and white box testing approaches based on engagement scope and client needs.
- Clearly communicate findings to clients, including attack paths, risk impact, and practical remediation guidance.
- Collaborate with internal teams to share insights, techniques, and lessons learned from real world attacks.
Requirements
What We Are Looking For
- At least three years of experience in penetration testing, with a strong emphasis on web application security and external testing.
- Hands on experience performing source code reviews as part of penetration testing or application security assessments.
- Previous experience working in a consulting or professional services environment.
- Strong understanding of penetration testing methodologies and hands on experience with tools such as Burp Suite, Swagger, and Postman.
- Deep technical knowledge across a broad range of technologies, with the ability to learn new systems quickly, including:
- Databases such as MSSQL, MySQL, Oracle Database, and PostgreSQL
- Networking protocols including TCP/IP, DNS, HTTP, FTP, AND SMTP
- Web servers such as Apache Nginx, Microsoft IIS, and Tomcat
- Operating systems including Windows and Linux
- Cloud platforms including AWS, Azure, and GCP
- Strong knowledge of OWASP Top 10 vulnerabilities and defensive techniques.
Bonus Points For
- Proficiency in development languages such as C#, PHP, Java, Node.js, and Python.
- Industry certifications such as OSWE or eWPTXv2.
- Publicly demonstrated security research, including CVEs, bug bounties, or published findings.
- Experience testing complex, high traffic, or business critical web applications.
Why Sygnia At Sygnia, you will work alongside some of the most experienced cyber security professionals in the industry, tackling complex and high impact security challenges for leading organizations around the world. You will gain hands on exposure to real adversary techniques, meaningful client interaction, and the opportunity to continuously deepen your expertise in application security and offensive testing. As a fully remote team, we value autonomy, trust, and collaboration, giving you the flexibility to do your best work while contributing to high stakes engagements that matter. Apply tot his job Apply To this Job