Senior Penetration Tester / WebApp, Network, & Social Engineering / Hybrid / Full-Time
Lehigh Valley, PA
Hybrid
Full Time
$150k - $190k
A local consulting firm is building out its offensive security practice and is seeking a Senior Pen Tester to lead the charge. This full-time, direct-hire role is hybrid, offering a flexible schedule in a great team environment. The ideal candidate brings strong experience in both pen testing and red teaming across network, webapp, and social engineering work, and will work in a hands-on capacity while defining the future of the program.
This company places a high value on culture, collaboration, and intentional growth. The Senior Pen Tester will not only drive technical assessments and client engagements but also help define the program's direction: choosing tooling, refining methodologies, and identifying new service areas. Past engagements have included black box and white box testing, full red team operations, and lighter assessment work. The firm is looking to evolve these offerings into a more mature, scalable model. If you're comfortable in a client-facing role, skilled in running top-level pen tests and red team operations, and driven to inspire a collaborative environment, this role is for you. Any prior work and interest in how AI is shaping the threat landscape make you particularly well suited for this role, as the program intends to stay aligned with the constantly changing environment and therefore to implement generative and agentic AI technologies.
Required Skills & Experience
- 6+ years in a hands-on offensive security role, with a strong foundation in penetration testing and red teaming
- Proven experience conducting internal/external network assessments, webapp and API testing, and social engineering engagements
- Familiarity with both black box and white box testing methodologies
- Full scope testing capabilities, including execution, documentation, and client reporting
- Prior consulting experience delivering pen test and/or red team services to external clients
- Strong collaborative mindset with a passion for learning and mentoring junior team members
- Relevant certifications such as OSCP, CEH, or equivalent offensive security credentials
- Understanding of how AI is shaping the threat landscape and a desire to contribute to research and development in this space
- Passion for staying current with emerging threats, vulnerabilities, and offensive security trends
- Experience with adversary emulation frameworks (e.g., MITRE ATT&CK, CALDERA, Atomic Red Team)
- Comfort with scripting and automation (Python, PowerShell, Bash) to support offensive tooling and infrastructure
Tech Breakdown
- 40% Network and Infrastructure Testing
- 40% Web Application and API Testing
- 20% Social Engineering and Physical Security Assessments
- 85% Hands-on Technical Execution (Pen Testing & Red Teaming)
- 15% Strategic Program Development & Team Collaboration
The Offer
- Competitive base salary
- Monthly profit-sharing bonus tied to individual testing goals – earn more when you meet or exceed your assessment targets.
- Medical, Dental, and Vision Insurance
- Vacation Time
Applicants must be currently authorized to work in the US on a full-time basis now and in the future.