Execute web application, API and mobile penetration tests with a focus on manual testing beyond automated scanning - business logic, authentication abuse, authorization flaws, and injection chains
Execute web application, API and mobile penetration tests with a focus on manual testing beyond automated scanning - business logic, authentication abuse, authorization flaws, and injection chains
Penetration Tester
Salt Lake City, UT · On-site
... mobile and wireless technologies • Proficiency of various operating systems: Windows, iOS ... operations, penetration testing and incident response, applied research and rapid prototyping ...
Penetration Tester
Salt Lake City, UT · On-site
... mobile and wireless technologies • Proficiency of various operating systems: Windows, iOS ... operations, penetration testing and incident response, applied research and rapid prototyping ...
Penetration Tester
Los Angeles, CA · On-site
Position : Penetration Tester Locations: Los Angeles( CA), Dallas (TX), Washington DC ... Perform penetration tests against external networks, internal networks, web applications, mobile ...
Penetration Tester
Los Angeles, CA · On-site
Position : Penetration Tester Locations: Los Angeles( CA), Dallas (TX), Washington DC ... Perform penetration tests against external networks, internal networks, web applications, mobile ...
Senior Penetration Tester
$120K - $140K/yr
Web Application, API, and/or Mobile Penetration Testing experience * Strong oral and written client-facing communication skills * Strong understanding of security fundamentals and common ...
Quick apply
Senior Penetration Tester
$120K - $140K/yr
Web Application, API, and/or Mobile Penetration Testing experience * Strong oral and written client-facing communication skills * Strong understanding of security fundamentals and common ...
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Quick apply
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Penetration Tester
Ogden, UT · On-site
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Penetration Tester
Ogden, UT · On-site
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Penetration Tester
Salt Lake City, UT · On-site
... mobile and wireless technologies • Proficiency of various operating systems: Windows, iOS ... operations, penetration testing and incident response, applied research and rapid prototyping ...
Penetration Tester
Salt Lake City, UT · On-site
... mobile and wireless technologies • Proficiency of various operating systems: Windows, iOS ... operations, penetration testing and incident response, applied research and rapid prototyping ...
Penetration Tester III
Washington, DC · On-site
Experience performing IoT, mobile, and cloud penetration testing * Experience supporting High Value Asset (HVA) assessments * Experience applying MITRE ATT&CK, OSSTMM, OWASP, NIST, PTES, and ISSAF ...
Penetration Tester III
Washington, DC · On-site
Experience performing IoT, mobile, and cloud penetration testing * Experience supporting High Value Asset (HVA) assessments * Experience applying MITRE ATT&CK, OSSTMM, OWASP, NIST, PTES, and ISSAF ...
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Quick apply
Dark Wolf is looking for a Penetration Tester who will plan and perform continuous cross-domain ... Proficiency in the testing and assessment of mobile operating systems, embedded systems and/or IoT ...
Penetration Tester
Washington, DC · On-site
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Proficiency in the testing and assessment of mobile operating systems, embedded systems, and/or IoT ...
Penetration Tester
Washington, DC · On-site
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Proficiency in the testing and assessment of mobile operating systems, embedded systems, and/or IoT ...
Penetration Tester
Washington, DC · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Proficiency in the testing and assessment of mobile operating systems, embedded systems, and/or IoT ...
Penetration Tester
Washington, DC · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Proficiency in the testing and assessment of mobile operating systems, embedded systems, and/or IoT ...
Penetration Tester
Albany, NY · On-site
Experience with mobile application penetration testing. * Knowledge of regulations like HIPAA. * Experience with API testing
Penetration Tester
Albany, NY · On-site
Experience with mobile application penetration testing. * Knowledge of regulations like HIPAA. * Experience with API testing
Conduct web, mobile, API, and microservices security testing using industrystandard tools and manual exploitation techniques. * Execute AWS cloud penetration testing within approved boundaries (IAM ...
Penetration Tester
Herndon, VA · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Proficiency in the testing and assessment of mobile operating systems, embedded systems, and/or IoT ...
Quick apply
Penetration Tester
Herndon, VA · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Proficiency in the testing and assessment of mobile operating systems, embedded systems, and/or IoT ...
Senior Penetration Tester
Tampa, FL · On-site
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Senior Penetration Tester
Tampa, FL · On-site
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Penetration Tester
Albany, NY · On-site
$60/hr
Experience with mobile application penetration testing. * Knowledge of regulations like HIPAA. * Experience with API testing Donato Technologies Inc. is a trusted IT staffing, consulting, and ...
Quick apply
Penetration Tester
Albany, NY · On-site
$60/hr
Experience with mobile application penetration testing. * Knowledge of regulations like HIPAA. * Experience with API testing Donato Technologies Inc. is a trusted IT staffing, consulting, and ...
Penetration Tester III
Washington, DC · On-site
Experience performing IoT, mobile, and cloud penetration testing * Experience supporting High Value Asset (HVA) assessments * Experience applying MITRE ATT&CK, OSSTMM, OWASP, NIST, PTES, and ISSAF ...
Penetration Tester III
Washington, DC · On-site
Experience performing IoT, mobile, and cloud penetration testing * Experience supporting High Value Asset (HVA) assessments * Experience applying MITRE ATT&CK, OSSTMM, OWASP, NIST, PTES, and ISSAF ...
Experience performing IoT, mobile, and cloud penetration testing * Experience supporting High Value Asset (HVA) assessments * Experience applying MITRE ATT&CK, OSSTMM, OWASP, NIST, PTES, and ISSAF ...
Quick apply
Experience performing IoT, mobile, and cloud penetration testing * Experience supporting High Value Asset (HVA) assessments * Experience applying MITRE ATT&CK, OSSTMM, OWASP, NIST, PTES, and ISSAF ...
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Mobile Penetration Tester information
See salary details
$22.5K - $35.8K
0% of jobs
$35.8K - $49K
0% of jobs
$49K - $62.3K
2% of jobs
$62.3K - $75.6K
3% of jobs
$75.6K - $88.9K
1% of jobs
$101.1K is the 25th percentile. Wages below this are outliers.
$88.9K - $102.1K
20% of jobs
$102.1K - $115.4K
14% of jobs
The median wage is $120.4K / yr.
$115.4K - $128.7K
26% of jobs
$138.1K is the 75th percentile. Wages above this are outliers.
$128.7K - $142K
13% of jobs
$142K - $155.2K
13% of jobs
$155.2K - $168.5K
9% of jobs
$22.5K
$119.9K
$168.5K
How much do mobile penetration tester jobs pay per year?
What is a Mobile Penetration Tester job?
A Mobile Penetration Tester evaluates the security of mobile applications, devices, and networks by simulating real-world attacks. They identify vulnerabilities, exploit weaknesses, and provide recommendations to strengthen security. This role requires knowledge of mobile operating systems (iOS, Android), reverse engineering, network security, and threat modeling. Testers use various tools and techniques to assess app security, including static and dynamic analysis. Their goal is to help organizations protect sensitive data and improve overall mobile security.
What are common challenges faced by Mobile Penetration Testers in their day-to-day work?
Mobile Penetration Testers often encounter the challenge of keeping up with rapidly evolving mobile platforms, frequent security patch releases, and diverse device configurations. Testing applications in various environments, dealing with obfuscated code, and adhering to strict project timelines can also add complexity. Collaboration with developers and IT teams is frequently required to ensure that security recommendations are implemented effectively. Adapting to new tools and methodologies is part of the role, making continuous learning a key aspect of success in this field.
What are the key skills and qualifications needed to thrive in the Mobile Penetration Tester position, and why are they important?
A Mobile Penetration Tester needs strong knowledge of mobile operating systems (Android and iOS), secure coding practices, and vulnerability assessment, typically supported by a background in cybersecurity or computer science. Familiarity with tools like Burp Suite, Frida, OWASP Mobile Security Testing Guide (MSTG), and certifications such as OSCP or GMOB are highly valued. Excellent analytical thinking, communication, and report-writing skills help testers clearly convey findings to both technical and non-technical stakeholders. These abilities are essential to identify and mitigate mobile security risks, ensuring robust defense measures for organizations.
- Entry Level Cybersecurity Penetration Tester
- Giac Exploit Researcher And Advanced Penetration Tester
- Internship Penetration Testing Consultant
- Biometrics Systems Engineer
- Penetration Tester Ethical Hacker
- Internship Penetration Tester Ethical Hacker
- Physical Penetration Tester
- Salaried Oscp Remote
- Penetration Testing Consulting
- Penetration Testing Companies

Job description
BreachLock is a global leader in Offensive Security including Red Teaming, Continuous Attack Surface Discovery and Penetration Testing services. We help organizations discover, prioritize, and mitigate exposures with evidence-backed Attack Surface Management, Penetration Testing, and Red Teaming. BreachLock provides an attacker's perspective that goes beyond standard vulnerabilities, enabling organizations to build a comprehensive, proactive defense strategy.
Role Description
Penetration Tester (Mid-Senior) Full-Time Remote (US)
As a penetration tester on BreachLock's US Strategic delivery team, you'll execute manual, methodology-driven engagements across web applications, APIs, and internal networks - including assumed breach simulations - for enterprise clients. You'll work directly with delivery leadership, contribute to internal tooling and quality systems, and help raise the bar for the team around you.
Key Responsibilities
- Execute web application, API and mobile penetration tests with a focus on manual testing beyond automated scanning - business logic, authentication abuse, authorization flaws, and injection chains
- Conduct internal network assessments, external network assessments and assumed breach engagements, including Active Directory enumeration, lateral movement, privilege escalation, and post-exploitation
- Leverage frameworks including MITRE ATT&CK, PTES, and OWASP to structure assessments and findings
- Develop and contribute to internal tooling - automation scripts, reporting utilities, and workflow improvements using Python, Bash, or similar
- Participate in QA review cycles, providing structured feedback on findings, CVSS scoring accuracy, and report quality
- Mentor junior testers through technical guidance and finding review
- Collaborate with delivery leadership on scoping, client kickoff calls, and remediation guidance
Requirements
- 3-5 years of professional penetration testing experience in a delivery or consulting context
- Strong web application and API testing fundamentals - Burp Suite proficiency, OWASP Top 10 and beyond, authentication and session management testing
- Solid internal network assessment skills - AD enumeration, Kerberoasting, NTLM relay, ADCS misconfigurations, assumed breach methodology
- Proficiency in scripting and automation (Python, PowerShell, Bash)
- Strong written communication - capable of writing clear, accurate, well-scoped findings independently
- Familiarity with PTaaS delivery models or platform-based reporting workflows is a plus
- US-based and eligible to work without sponsorship
Preferred
- Experience with C2 frameworks (Cobalt Strike, Havoc, Sliver, or similar)
- Active involvement in cybersecurity communities, research, or bug bounty programs
- Certifications such as OSCP, BSCP, CRTO, GWAPT, GPEN, or equivalent practical credentials
- Experience with SIEM platforms or EDR tools from an adversarial perspective
Benefits
- Competitive compensation and performance-based equity opportunities
- Flexible work hours with hybrid remote options
- Opportunity to work with international cybersecurity experts
- Strong career progression in a rapidly expanding early-stage company
- Exposure to cutting-edge research, tools, and techniques in offensive security
Additional Organization Details
- BreachLock Website
- Leadership Team
- Meet the BreachLockers Video Series
- Reuters Coverage
- CEO Interview - Cybercrime Magazine
- Seemant Sehgal Interview on RT4 & RTLZ
About BreachLock
Sourced by ZipRecruiter
Industry
Network security
Company size
51 - 200 Employees
Headquarters location
New York, NY, US
Year founded
2018