... secure development practices and common web application attack vectors. Work you'll do As a ... Stay current on emerging threats, exploit techniques, and application security trends. A successful ...
... secure development practices and common web application attack vectors. Work you'll do As a ... Stay current on emerging threats, exploit techniques, and application security trends. A successful ...
Learning and development programs to grow and exploit full potential to succeed in your next step! * Educational support program * Employee referral program: be our best ambassador! * 401(K) ...
Learning and development programs to grow and exploit full potential to succeed in your next step! * Educational support program * Employee referral program: be our best ambassador! * 401(K) ...
Senior Engineer
Atlanta, GA · On-site
$100K - $138K/yr
... development of meaningful metrics, adoption and advancement of AI-assisted risk scoring ... exploit-based risks • API-first mindset • Advanced scripting, automation in PowerShell, Python ...
Senior Engineer
Atlanta, GA · On-site
$100K - $138K/yr
... development of meaningful metrics, adoption and advancement of AI-assisted risk scoring ... exploit-based risks • API-first mindset • Advanced scripting, automation in PowerShell, Python ...
Solution Key Account Manager - Health, Corporate, & Performance ATL (Atlanta (Georgia), GA, US)
Atlanta, GA · On-site
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
Solution Key Account Manager - Health, Corporate, & Performance ATL (Atlanta (Georgia), GA, US)
Atlanta, GA · On-site
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
Senior Engineer
Atlanta, GA · On-site
$100K - $138K/yr
... development of meaningful metrics, adoption and advancement of AI-assisted risk scoring ... exploit-based risks * API-first mindset * Advanced scripting, automation in PowerShell, Python ...
Senior Engineer
Atlanta, GA · On-site
$100K - $138K/yr
... development of meaningful metrics, adoption and advancement of AI-assisted risk scoring ... exploit-based risks * API-first mindset * Advanced scripting, automation in PowerShell, Python ...
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
Senior Engineer
Atlanta, GA · Hybrid
$100K - $138K/yr
... development of meaningful metrics, adoption and advancement of AI-assisted risk scoring ... exploit-based risks * API-first mindset * Advanced scripting, automation in PowerShell, Python ...
Senior Engineer
Atlanta, GA · Hybrid
$100K - $138K/yr
... development of meaningful metrics, adoption and advancement of AI-assisted risk scoring ... exploit-based risks * API-first mindset * Advanced scripting, automation in PowerShell, Python ...
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
... development and account management. In this position you will be responsible for building and ... Develop business opportunities and exploit market potential * Generate leads, profile customers ...
Lead, Offensive Security
Atlanta, GA · Remote
... development, allowing the team to pursue training in emerging offensive security methodologies ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...
Lead, Offensive Security
Atlanta, GA · Remote
... development, allowing the team to pursue training in emerging offensive security methodologies ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...
Lead, Offensive Security
Atlanta, GA · Remote
... development, allowing the team to pursue training in emerging offensive security methodologies ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...
Lead, Offensive Security
Atlanta, GA · Remote
... development, allowing the team to pursue training in emerging offensive security methodologies ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...
Lead, Offensive Security
Atlanta, GA · Remote
... development, allowing the team to pursue training in emerging offensive security methodologies ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...
Lead, Offensive Security
Atlanta, GA · Remote
... development, allowing the team to pursue training in emerging offensive security methodologies ... Offensive Security identifies weaknesses so the business can fix them before adversaries exploit ...
Firearm/Toolmark Examiner
Forest Park, GA · On-site
$51K - $106K/yr
... best exploit the evidence items. * Use photographic equipment to capture still images of each ... We offer competitive compensation, benefits and learning and development opportunities. Our broad ...
Firearm/Toolmark Examiner
Forest Park, GA · On-site
$51K - $106K/yr
... best exploit the evidence items. * Use photographic equipment to capture still images of each ... We offer competitive compensation, benefits and learning and development opportunities. Our broad ...
Exploit Development information
See Georgia salary details
$20.48 is the 25th percentile. Wages below this are outliers.
$16.04 - $20.48
25% of jobs
The median wage is $24.75 / hr.
$20.48 - $24.93
26% of jobs
$29.38 is the 75th percentile. Wages above this are outliers.
$24.93 - $29.38
24% of jobs
$29.38 - $33.82
0% of jobs
$33.82 - $38.27
0% of jobs
$38.27 - $42.72
0% of jobs
$42.72 - $47.16
6% of jobs
$47.16 - $51.61
8% of jobs
$51.61 - $56.06
4% of jobs
$56.06 - $60.51
3% of jobs
$60.51 - $64.95
3% of jobs
$16
$31
$64
How much do exploit development jobs pay per hour?
What jobs can you get with offsec certs?
What jobs can I get as a game developer?
What is an Exploit Development job?
An Exploit Development job involves researching software, hardware, or network vulnerabilities and creating proof-of-concept exploits to demonstrate security weaknesses. Professionals in this role analyze security flaws, write exploits, and sometimes assist in patch development. They often work in cybersecurity firms, government agencies, or red teams conducting penetration testing. Strong knowledge of low-level programming, reverse engineering, and debugging tools is essential.
What are the key skills and qualifications needed to thrive in the Exploit Development position, and why are they important?
To thrive in Exploit Development, you need advanced knowledge of computer systems, programming languages (such as C, C++, Python, or Assembly), and a deep understanding of cybersecurity principles, often supported by a degree in computer science or related field. Familiarity with reverse engineering tools (like IDA Pro, Ghidra, or OllyDbg), debuggers, and certifications such as OSCE or OSEP are commonly required. Strong problem-solving skills, attention to detail, and the ability to communicate complex technical findings clearly are valuable soft skills in this role. These skills and qualities are essential to responsibly discover and analyze security vulnerabilities, develop proof-of-concept exploits, and contribute to organizational or client security enhancements.
What does an exploitation analyst do?
What is exploit development?
What are some of the primary challenges encountered in an Exploit Development role?
Exploit Development professionals often face the challenge of staying ahead of rapidly evolving security defenses and continuously learning new attack techniques and mitigation strategies. The work can require intense focus and patience, as reverse engineering and identifying vulnerabilities in complex systems may take considerable time and persistence. Additionally, strict adherence to ethical guidelines and clear communication with cross-functional security and engineering teams is critical for responsibly handling discovered vulnerabilities. Diligence, adaptability, and ongoing professional development are key to navigating the technical and ethical complexities of this role.
- Entry Level Mckesson Field Sales Development
- From Home Sdr
- Virtual Inbound Sales Development Representative
- Remote Fintech
- Remote Inbound Sales Development Representative
- Remote Sales Development Representative
- Night Shift Virtual Sales Representative
- Hourly Sdr
- Sales Development Representative
- Medical Device Sales Representative Internship
Full-time
Re-posted 24 days ago
Deloitte rating
8.1
Based on 90 frontline employees who took The Breakroom Quiz
60th of 148 rated financial services
Job description
We are seeking a skilled Penetration Tester to assess the security of web applications, APIs, and related systems. This role is responsible for identifying vulnerabilities, validating exploitability, and providing practical remediation guidance to improve overall application security posture. The ideal candidate combines hands-on offensive security experience with strong knowledge of secure development practices and common web application attack vectors.
Work you'll do
As a Penetration Tester on the Cyber Defense & Resilience team, you will be responsible for...
- Perform manual and automated penetration testing of web applications, APIs, and supporting infrastructure.
- Identify, validate, and document security vulnerabilities such as those in the OWASP Top 10.
- Conduct authenticated and unauthenticated testing across development, test, and production-like environments.
- Assess application security controls including authentication, authorization, session management, input validation, and encryption.
- Prepare clear, risk-based reports with technical findings, business impact, proof of concept, and remediation recommendations.
- Work with developers, architects, and security teams to explain findings and support remediation efforts.
- Retest remediated issues and confirm closure.
- Contribute to security standards, testing methodologies, and internal knowledge sharing.
- Stay current on emerging threats, exploit techniques, and application security trends.
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to provide clear guidance to others
Deloitte's Government & Public Services (GPS) practice - our people, ideas, technology and outcomes - is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.
This opportunity sits within our Deloitte US Delivery Center model, which is dedicated to driving impactful business services. It leverages Deloitte's scale and talent, as well as a center delivery model to provide high-quality, cost-effective service with standardized processes and procedures to service businesses across Deloitte.
The Deloitte US Delivery Center has a small-business feel with a big-business impact. With the resources of Deloitte and a community feel, the delivery center model provides high-quality services to our clients. USDC professionals work out of one of our specific delivery center locations, and each location presents dynamic career opportunities for professionals to focus on their work with nominal travel requirements.
Qualifications
Required:
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
- Ability to obtain and maintain the necessary clearance for the role.
- Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OSWE), GIAC Penetration Tester (GPEN), or Certified Ethical Hacker (CEH).
- 2+ years of experience within the following:
- Hands-on penetration testing experience with a focus on web applications.
- Strong understanding of web technologies including HTTP/S, REST APIs, JavaScript, cookies, headers, and sessions.
- Experience identifying vulnerabilities such as SQL injection, XSS, CSRF, SSRF, IDOR, authentication flaws, and access control weaknesses.
- Proficiency with common testing tools such as Burp Suite, OWASP ZAP, Nmap, Postman, and similar tools.
- Experience writing professional penetration test reports for technical and non-technical audiences.
- Familiarity with OWASP Top 10, CWE, CVSS, and secure coding principles
- Delivery Center Location & Travel Requirements:
- Hybrid Work Model: Operate under a hybrid system requiring residence within a commutable distance to one of the US Delivery Center locations (Gilbert, Lake Mary, or Mechanicsburg) or Geo-Hub locations (Atlanta, Charlotte, Dallas, Houston, and Philadelphia)
- Co-location Expectation: Spend up to 30% of working time co-located at an assigned office for orchestrated opportunities, including projects, practice sessions, training, and Moments That Matter at a Deloitte Delivery Center location, Geo-Hub location, approved site, or project location
- Travel Requirement: Maximum of 10% overnight travel for client or project purposes
- Relocation Requirement: If relocation is necessary, complete the move within 12 weeks from the start date to reside within a commutable distance
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
- Experience testing modern frameworks and architectures such as single-page applications, microservices, and cloud-hosted applications.
- Knowledge of CI/CD pipelines and DevSecOps practices.
- Experience with source code review or secure code assessment.
- Familiarity with cloud platforms such as AWS, Azure, or GCP.
Recruiting tips
From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our people and culture
Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas, and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.
Our purpose
Deloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more.
Professional development
From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.
As used in this posting, "Deloitte" means Deloitte Transactions and Business Analytics LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Requisition code: 350127
Job ID 350127