SixGen, Inc.: Senior Web Application Penetration Tester

The Senior Web Application Penetration Tester role at SixGen, Inc. requires extensive expertise in identifying and exploiting security vulnerabilities within web applications. Candidates should possess advanced knowledge of common web technologies such as HTML, JavaScript, CSS, and server-side languages, alongside familiarity with web frameworks and APIs. Proficiency in penetration testing methodologies, including threat modeling, vulnerability assessment, and exploitation techniques, is essential. Experience with tools like Burp Suite, OWASP ZAP, Metasploit, and manual testing approaches is expected to effectively simulate attack scenarios and uncover security flaws. A senior-level tester must demonstrate the ability to conduct comprehensive security assessments, including authentication, session management, input validation, and access control testing. Strong understanding of OWASP Top Ten vulnerabilities and mitigation strategies is critical. Additionally, expertise in reporting findings clearly and recommending remediation steps to technical and non-technical stakeholders is required. The role demands staying current with emerging security threats, zero-day vulnerabilities, and industry best practices. While specific education requirements are not detailed, senior experience implies a deep practical background and possibly relevant certifications such as OSCP, OSWE, or CEH. Overall, the position calls for a seasoned professional capable of leading penetration testing engagements, mentoring junior testers, and contributing to the continuous improvement of the organization's security posture through rigorous web application security evaluations.