Senior Security Consultant (Web Application Penetration Tester)
About the role
NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts. Specializing in 50+ pentest types, attack surface visibility, vulnerability prioritization, and attack simulation, NetSPI delivers security testing with unprecedented clarity, speed, and scale.
NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers.
Join the mission as a Senior Security Consultant. We are seeking a skilled and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting web applications, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.
Responsibilities
Conduct engagements on web applications and underlying APIs independently and provide technical oversight Review reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to others Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.
Minimum Qualifications
Bachelor’s degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience Minimum of 3-5 years of work experience in Penetration Testing Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus) Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. Working knowledge of Windows, Linux and MacOS operating systems internals Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences Ability to work independently and as part of a team Proficient communication skills, both written and verbal Willingness to travel up to 5-10% This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs
Preferred Qualifications
Ability to provide technical and QA oversight on web applications and underlying APIs. Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#) Offensive cybersecurity certifications (e.g., GXPN, GPEN, OSCP, GWAPT)
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Not the right fit? Search for Security Consultant jobs in Toronto, Ontario, Canada
About NetSPI
NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most.
Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.
By continually advancing solutions such as Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS), NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence.
NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, three of the five largest healthcare companies, four MAMAA companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.
NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India.
Similar Jobs
Senior Security Consultant (Web Application Penetration Tester)
About the role
NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts. Specializing in 50+ pentest types, attack surface visibility, vulnerability prioritization, and attack simulation, NetSPI delivers security testing with unprecedented clarity, speed, and scale.
NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers.
Join the mission as a Senior Security Consultant. We are seeking a skilled and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting web applications, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.
Responsibilities
Conduct engagements on web applications and underlying APIs independently and provide technical oversight Review reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to others Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.
Minimum Qualifications
Bachelor’s degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience Minimum of 3-5 years of work experience in Penetration Testing Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus) Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. Working knowledge of Windows, Linux and MacOS operating systems internals Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences Ability to work independently and as part of a team Proficient communication skills, both written and verbal Willingness to travel up to 5-10% This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs
Preferred Qualifications
Ability to provide technical and QA oversight on web applications and underlying APIs. Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#) Offensive cybersecurity certifications (e.g., GXPN, GPEN, OSCP, GWAPT)
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Not the right fit? Search for Security Consultant jobs in Toronto, Ontario, Canada
About NetSPI
NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most.
Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.
By continually advancing solutions such as Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS), NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence.
NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, three of the five largest healthcare companies, four MAMAA companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.
NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India.