2

Remote Application Penetration Tester Jobs (NOW HIRING)

This position is fully remote. This position requires a Public Trust or the ability to obtain a ... Experience with network and application security assessments. * Experience documenting technical ...

Remote Duration: 12 Months on W2 contract (Possible Extension) Must-Have Skills: * 3+ years of hands-on Penetration Testing / Offensive Security experience * Web Application, API, and Infrastructure ...

Remote Duration: 6-12 months Job Summary: Role Purpose * The Junior Penetration Tester is an ... Web application and API testing * Entry-level cloud security testing (AWS, Azure, GCP) * Perform ...

Under general supervision, perform penetration testing of applications, systems, and network ... application, please contact hr@teksynap.com for assistance.remote #telework #linkedin #LI-Remote ...

next page

Showing results 1-20

Remote Application Penetration Tester information

See salary details

$96.5K

$132.3K

$159.5K

How much do remote application penetration tester jobs pay per year?

As of Jul 5, 2026, the average yearly pay for remote application penetration tester in the United States is $132,307.00, according to ZipRecruiter salary data. Most workers in this role earn between $121,500.00 and $146,500.00 per year, depending on experience, location, and employer.

What is the difference between Remote Application Penetration Tester vs Remote Security Analyst?

AspectRemote Application Penetration TesterRemote Security Analyst
CertificationsOSCP, CEH, GPENCISSP, Security+
Work EnvironmentHands-on testing, vulnerability assessmentsMonitoring, incident response, policy development
Industry UsageCybersecurity firms, tech companies, consultingFinancial, healthcare, government sectors

The Remote Application Penetration Tester focuses on identifying vulnerabilities in applications through active testing, while the Remote Security Analyst monitors security systems and responds to threats. Both roles require cybersecurity certifications and are vital in protecting organizational assets, but they differ in daily tasks and focus areas.

How does a remote application penetration tester typically collaborate with development teams to address identified vulnerabilities?

Remote application penetration testers often work closely with development teams by providing detailed reports on vulnerabilities discovered during assessments, including risk ratings and remediation recommendations. Communication usually takes place via secure collaboration tools, video calls, and ticketing systems to track progress on fixing issues. Testers may also participate in follow-up meetings or retesting efforts to verify that vulnerabilities have been properly addressed. Building effective working relationships and clear communication are key to ensuring that security improvements are implemented efficiently in distributed, remote environments.

What are the key skills and qualifications needed to thrive as a Remote Application Penetration Tester, and why are they important?

To thrive as a Remote Application Penetration Tester, you need in-depth knowledge of web and mobile application security, strong understanding of networking, and experience with common programming languages and security frameworks, often backed by certifications like OSCP or CEH. Familiarity with tools such as Burp Suite, Metasploit, Nmap, and vulnerability scanners is expected. Outstanding analytical thinking, attention to detail, and clear written communication set top performers apart. These skills are essential to identify vulnerabilities, provide actionable recommendations, and ensure robust application security in diverse, remote environments.

What is a Remote Application Penetration Tester?

A Remote Application Penetration Tester is a cybersecurity professional who evaluates the security of software applications from a remote location. They simulate cyberattacks on web, mobile, or cloud applications to identify vulnerabilities that could be exploited by malicious actors. Their work involves using specialized tools and techniques to test the application's defenses, report findings, and recommend solutions to improve security. By working remotely, they can assess applications from anywhere, providing flexibility and broad coverage for organizations.
More about Remote Application Penetration Tester jobs
What cities are hiring for Remote Application Penetration Tester jobs? Cities with the most Remote Application Penetration Tester job openings:
What are the most commonly searched types of Application Penetration Tester jobs? The most popular types of Application Penetration Tester jobs are:
What states have the most Remote Application Penetration Tester jobs? States with the most job openings for Remote Application Penetration Tester jobs include:
Infographic showing various Remote Application Penetration Tester job openings in the United States as of June 2026, with employment types broken down into 70% Full Time, and 30% Part Time. Highlights an 37% Physical, 3% Hybrid, and 60% Remote job distribution, with an average salary of $132,307 per year, or $63.6 per hour.
Senior Web Application Penetration Tester

Senior Web Application Penetration Tester

SixGen, Inc.

Annapolis, MD • On-site, Remote

$125K - $145K/yr

Other

Medical, Dental, Vision, Life, Retirement, PTO

Posted 22 days ago


Job description

SIXGEN's mission is to deliver agile, mission-ready cybersecurity solutions that empower government and critical infrastructure organizations to stay ahead of advanced cyber threats. We combine innovation, deep expertise, and cutting-edge capabilities to uncover vulnerabilities, protect vital systems, and ensure operational superiority in an ever-evolving digital landscape.

POSITION OVERVIEW

Position: Senior Web Application Penetration Tester
Job Type: Full-time
Location: Maryland, Northern Virginia, or Remote
Clearance Requirements: Must be able to obtain a Secret Clearance
Travel Requirements: Up to 10%
Experience: 5+ years

Salary:$125,000-$145,000

WHAT YOU'LL DO

We are seeking a skilled and motivated Senior Web Application Penetration Tester to join our growing cyber operations team. The ideal candidate will possess deep expertise in web application security testing, vulnerability research, and exploitation techniques, with the ability to identify complex attack paths and develop creative solutions to challenging security problems.

This role goes far beyond automated scanning. Successful candidates will conduct in-depth assessments of web applications, APIs, mobile applications, and supporting infrastructure while leveraging custom tooling, manual testing techniques, and advanced exploitation methodologies to uncover impactful security findings.

KEY RESPONSIBILITIESWeb Application Security Assessments
  • Conduct penetration testing of web applications, APIs, mobile applications, databases, and client-side technologies.
  • Perform application enumeration, endpoint discovery, vulnerability research, and exploitation activities.
  • Identify, validate, and assess vulnerabilities across complex environments.
  • Analyze attack paths and security weaknesses to determine business and operational impact.
Technical Analysis & Research
  • Develop and utilize custom tools, scripts, and payloads to support testing activities.
  • Perform network mapping, vulnerability analysis, and security assessments across applications and supporting infrastructure.
  • Research emerging vulnerabilities, attack techniques, and exploitation methodologies.
  • Support post-exploitation activities involving cloud and enterprise environments when applicable.
Client Engagement & Reporting
  • Collaborate with clients and internal teams to define scope, review findings, and recommend remediation strategies.
  • Communicate technical concepts and findings to both technical and non-technical stakeholders.
  • Produce comprehensive reports, including detailed findings, exploitation procedures, risk analysis, and mitigation recommendations.
  • Participate in client meetings and provide ongoing updates throughout assessment activities.
QUALIFICATIONS
  • 5+ years of experience in web application penetration testing or offensive cybersecurity.
  • Demonstrated experience conducting manual web application security assessments.
  • Knowledge of modern web application vulnerabilities, attack methodologies, and exploitation techniques.
  • Experience with network mapping, vulnerability scanning, and penetration testing methodologies.
  • Familiarity with NIST 800-series standards and cybersecurity best practices.
  • Experience developing scripts, payloads, or custom testing tools.
  • Strong analytical, problem-solving, and communication skills.
Preferred Certifications

One or more of the following certifications is strongly preferred:

  • CWES (preferred)
  • CWEE (preferred)
  • OSCP
  • OSWA
  • OSWE
  • CRTO
  • GWAPT
  • Other relevant hands-on offensive security certifications
PREFERRED QUALIFICATIONS
  • Experience with cloud environments and post-exploitation activities.
  • Experience with Active Directory security assessments.
  • Familiarity with FISMA compliance requirements.
  • Experience supporting government or regulated industry clients.
  • Proficiency with common offensive security tools and frameworks.
COMPENSATION & BENEFITS

At SIXGEN, we are committed to fair and equitable compensation practices. Compensation for this role will be based on experience, qualifications, technical expertise, and overall alignment with the position.

Additionally, SIXGEN offers top-tier benefits for full-time employees, including:

  • Employer-paid health insurance premiums (medical, dental, vision) for you and your family 
  • Employer-paid short/long term disability insurance and basic life/AD&D insurance
  • 401K with a 4% employer contribution
  • Professional development reimbursement options available (training, certification, education, etc)
  • Flexible and remote work policies for most positions
  • Flexible PTO and holiday schedule

For more information, please reach out to our Director of Human Resources, Amy Maxwell at amy.maxwell@sixgen.io.

OUR COMMITMENT

SIXGEN is an Equal Opportunity Employer. We ensure that all applicants are considered for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.

We are committed to fostering an inclusive culture that values diversity in our people, reflecting the communities we serve and our customer base. We strive to attract and retain a diverse talent pool and create an environment where everyone is empowered to be their authentic selves at work.