1 to 25 of 49 Remote Permanent Burp Suite Jobs

Technical Skills: Minimum 3 years of hands-on penetration testing experience. Skilled in testing: Web apps, Mobile apps, Cloud (AWS, Azure, GCP), and On-prem infrastructure. Familiar with Burp Suite, Metasploit, Nmap, Wireshark, and other industry tools. Scripting ability in Python, Bash or similar. Comfortable with Linux, networking principles, and cloud environments. Soft Skills & Consulting Ability More ❯

role, it will now be based on an Umbrella solution. Essential Skills/experience Required Experience penetration testing, ethical hacking, or completing vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube, GitHub Advanced Security, IaC scanning, etc.). Secure Cloud Infrastructure, specifically AWS More ❯

ongoing research. What You Bring - Skills & Experience 2 to 5+ years of hands-on penetration testing experience across network, web, wireless, and cloud environments. Expert with core tools: Burp Suite, Metasploit, Cobalt Strike, Nmap , and custom scripting. Deep understanding of vulnerabilities (OWASP Top 10, MITRE ATT&CK) and exploitation methods. Experience delivering reports aligned to PTES More ❯

activities, helping to develop scenarios and engage in both blue and red team activities. Some experience with tooling such as Metasploit, Nmap, Cobalt Strike, Hydra, John the Ripper, Burp Suite, Mimikatz, Bloodhound, and others. Threat Hunting Ability to learn fast new advanced persistent threat (APT) tactics, techniques, and procedures (TTPs) mapped to the cyber kill chain More ❯

research papers and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS, Azure, GCP). Understanding of mobile security (Android & iOS), networking protocols, and the OSI More ❯

research papers and articles. Skills/Must have: Strong knowledge of OWASP methodologies and offensive testing across black/grey/white-box approaches. Proficiency in tools like Burp Suite, Kali, Nmap, Nessus, Qualys, Metasploit. Familiarity with cloud platform security testing (AWS, Azure, GCP). Understanding of mobile security (Android & iOS), networking protocols, and the OSI More ❯

Top 10, CWE, CVSS scoring etc.) Strong experience communicating to stakeholders of varying technical skill levels Your experience should include: Using offensive security tooling, including tools such as Burp Suite, Kali, Metasploit and such Scripting including the use of python, Powershell, bash or Javascript Securing networks, hosts, web applications and cloud native deployments Working with toolsets More ❯

querying, forensic investigation, threat mitigation, and root cause analysis. Conduct internal security reviews, network scans, and targeted penetration tests of applications and infrastructure using common security tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability More ❯

Hacking Strong knowledge of network and cloud infrastructure security. Up-to-date on the latest cybersecurity threats and technologies. Strong knowledge in pen testing tools ( Metasploit, Nmap, Wireshark, Burp Suite, Nessus, OWASP ZAP, Eyewitness, Nessus, sqlmap, kali linux, etc) Ideally certified – eg OSCP, CRTP, CPPT, CEH, CISSP, OSWP, eJPT, eWPT Good reporting and security debriefing skills More ❯

Hacking Strong knowledge of network and cloud infrastructure security. Up-to-date on the latest cybersecurity threats and technologies. Strong knowledge in pen testing tools ( Metasploit, Nmap, Wireshark, Burp Suite, Nessus, OWASP ZAP, Eyewitness, Nessus, sqlmap, kali linux, etc) Ideally certified – eg OSCP, CRTP, CPPT, CEH, CISSP, OSWP, eJPT, eWPT Good reporting and security debriefing skills More ❯

penetration testing experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable More ❯

penetration testing experience. Strong understanding of OWASP, SSL/TLS, SSH, and HTTP. Comfortable conducting black box, grey box, and white box testing. Familiar with tools like Kali, Burp Suite, Metasploit, Nmap, Nessus, and Qualys. Knowledge of AWS, Azure, or Google Cloud platform security. At least 2 certifications from: CREST CRT, OSCP, OSCE, or CCT. Desirable More ❯

penetration testing experience in enterprise environments. Deep understanding of infrastructure testing, Active Directory security, and cloud technologies (AWS, Azure, Kubernetes). Strong familiarity with tools such as Nmap, Burp Suite, Metasploit, Impacket, and SMBClient. Able to articulate technical findings to both technical and non-technical audiences in written and verbal formats. How to be successful in More ❯

Active Directory. Knowledge of Scripting Languages e.g. Python, Shell Scripting etc. Strong expertise with web application and network pen testing methodologies. Proficiency in using penetration testing tools such as BurpSuite Pro, Nmap, Nessus, and Metasploit. Experienced in using Kali Linux and the associated penetration testing tool suite. Advanced completion of penetration testing simulations like Hack the Box or Capture the More ❯

preferred but not required). Solid understanding of common attack techniques and vulnerability classes (e.g., OWASP Top 10, MITRE ATT&CK). Strong familiarity with tools such as Burp Suite, Nmap, Metasploit, etc. Excellent communication and reporting skills. Required Qualifications: Demonstrable experience in penetration testing (minimum 2 years preferred). Hold at least one of the More ❯

OWASP, MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap, Claire, and OpenSCAP). Extensive experience with Red Teaming, Purple Teaming and Attack Automation. Familiarity with industry regulations and compliance standards related to cybersecurity, such More ❯

or software security evaluation. • Certifications such as CISSP, CEH, OSCP, or GIAC GWEB are highly preferred. • Experience with secure coding practices and software vulnerability assessment tools (e.g., Nessus, Burp Suite, Fortify, SonarQube). • Familiarity with secure software development lifecycle (SSDLC) methodologies. • Strong knowledge of encryption protocols, authentication mechanisms, and network security. • Ability to work independently and More ❯

more. Excellent communication and report writing skills. Amazing Extras Experience in generating and writing clear, concise and actionable penetration testing reports Hands-on familiarity with tools such as Burp Suite, Nessus, Qualys and other industry testing tools. Experience to scripting or automation tools, such as Python, Bash or PowerShell. Desirable to have any penetration testing qualifications More ❯

offensive security and penetration testing Demonstrable experience in infrastructure and web application testing, experience in API testing is desirable. Demonstrable experience using common pen testing tools including Kali Linux, Burpsuite, Nessus and other industry standard tools. Hold or working towards an industry recognised certification including CompTIA PenTest+; CHECK, CREST; Offensive Security Certified Professional (OSCP) etc. Relevant experience within a cyber … weekly. 25 Days Holiday. Lifestyle, Health, and Wellbeing including financial wellbeing benefits such as financial tools, electric car scheme and access to a virtual GP. Access to a suite of 300+ courses on demand developed by our inhouse Talent Development team. Diversity and Inclusion at RSM At RSM, we want to create a strong sense of belonging so More ❯

delivery team, you'll contribute to the coordination and execution of security testing across the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, testing security related issues.?? Support the wider test team by sharing knowledge and guidance on security testing approaches and tooling.???? Attend meetings and provide stakeholders … CSTA or GIAC Penetration testing,?OR currently working towards this OR have proven working experience.??? Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web app vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP … for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling approaches - e.g. STRIDE, or creating risk More ❯

delivery team, you'll contribute to the coordination and execution of security testing across the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, testing security related issues. Support the wider test team by sharing knowledge and guidance on security testing approaches and tooling. Attend meetings and provide stakeholders … CSTA or GIAC Penetration testing, OR currently working towards this OR have proven working experience. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web app vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP … for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling approaches - e.g. STRIDE, or creating risk More ❯

an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying updated on emerging threats: Keeping abreast of the latest attack vectors More ❯

an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying updated on emerging threats: Keeping abreast of the latest attack vectors More ❯

an organization's IT infrastructure, networks, systems, and applications to identify potential weaknesses and vulnerabilities. Performing vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying updated on emerging threats: Keeping abreast of the latest attack vectors More ❯

Gateway Menlo CASB Cisco Secure Access Cisco Umbrella Cisco ASA KnowBe4 Digicert Certificates and Microsoft Certificate Services Ivanti or Automox patching AppCheck or Tenable WAS Kali Linux (NMAP, Metasploit, BurpSuite, John etc) Desired Education: CISM, MS SC100, 200 and 900, OSCP or other penetration testing qualifications. Industry: Financial services, SOC, Pentesting is desirable Personal Skills: Excellent inter-personal, written and More ❯