close-menu

Cybersecurity Penetration Testing Engineer

Talencia

Not Interested
Bookmark
Report This Job
profile Job Location:

Charlotte, VT - USA

profile Monthly Salary: Not Disclosed
Posted on: 30+ days ago
Vacancies: 1 Vacancy
Register to Apply

Job Summary

Title: Cybersecurity Penetration Testing Engineer Application & API Security
Location: Charlotte NC
Job Summary
We are seeking a Cybersecurity Penetration Testing Engineer specializing in Application and API Security to perform advanced offensive security testing across business-critical systems.
The ideal candidate will have hands-on expertise with Burp Suite Professional deep knowledge of offensive security methodologies and the ability to identify exploit and communicate vulnerabilities effectively.
You will collaborate closely with development DevSecOps and risk teams to embed secure coding practices and support remediation efforts within the Secure SDLC.
Experience Required
  • 5 8 years of total experience in web mobile or API penetration testing
  • Minimum 3 years of hands-on experience in offensive security testing
Key Responsibilities
1. Penetration Testing & Vulnerability Assessment
  • Conduct manual and automated penetration tests on web mobile and API applications.
  • Leverage Burp Suite Professional for intercepting modifying and exploiting traffic.
  • Perform source code assisted testing to uncover deep logic flaws.
  • Simulate real-world attack scenarios aligned with OWASP Top 10 SANS 25 and API Security Top 10 frameworks.
  • Identify vulnerabilities in authentication authorization input validation and session management.
2. API Security Testing
  • Perform penetration testing of REST and GraphQL APIs including JWT/OAuth/token testing.
  • Validate logic flaws parameter tampering and insecure microservice communication.
  • Utilize tools such as Postman Burp Suite and OWASP ZAP for fuzzing and payload injection.
  • Assess API schema issues rate limiting and sensitive data exposure.
3. Offensive Security & Exploitation
  • Develop and execute proof-of-concept (PoC) exploits to demonstrate impact.
  • Simulate attacker TTPs following the MITRE ATT&CK and CWE frameworks.
  • Perform targeted testing for authentication bypass privilege escalation and deserialization flaws.
  • Demonstrate advanced exploitation techniques to enhance vulnerability validation.
4. Reporting & Remediation Support
  • Produce detailed technical reports with clear risk ratings reproduction steps and mitigations.
  • Collaborate with engineering and DevSecOps teams to support patching and secure code remediation.
  • Participate in vulnerability triage retesting and remediation validation cycles.
  • Present results to both technical teams and executive stakeholders in clear actionable terms.
5. Security Process & Continuous Improvement
  • Integrate testing results into CI/CD pipelines to enable DevSecOps automation.
  • Contribute to secure coding guidelines and developer training initiatives.
  • Stay up to date with emerging attack trends new CVEs and offensive tools.
  • Develop internal scripts extensions or automation workflows to improve testing efficiency.
Technical Skills
Core Tools & Techniques
  • Expert-level proficiency in Burp Suite Professional (Intruder Repeater Decoder Extender).
  • Familiarity with OWASP ZAP Nmap Metasploit SQLmap DirBuster Hydra Ffuf.
  • Deep understanding of OWASP Top 10 (Web & API) and CWE Top 25 vulnerabilities.
  • Strong analytical skills to identify logic-based and authentication-related flaws.
Programming & Scripting
  • Proficient in at least one scripting language: Python JavaScript or Bash.
  • Ability to write custom scripts or Burp extensions for advanced payloads.
  • Strong understanding of HTTP/HTTPS REST GraphQL JSON and XML protocols.
Offensive Security
  • Hands-on experience in vulnerability exploitation reverse engineering or red team engagements.
  • Familiarity with exploit frameworks and C2 tools (e.g. Cobalt Strike Empire) is a plus.
  • Ability to emulate APT-style threat actor behavior.
API / Cloud Security (Preferred)
  • Knowledge of API gateways (Kong Apigee) and microservices architectures.
  • Exposure to cloud-native security testing (AWS Azure GCP) and container security (Docker/Kubernetes).
Qualifications
  • Bachelors or Masters degree in Computer Science Cybersecurity or related field
  • 5 8 years of experience in application or API penetration testing
  • Strong technical writing and presentation skills for diverse audiences
Preferred Certifications
  • OSCP / OSWE / OSEP (Offensive Security)
  • Burp Suite Certified Practitioner (BSCP)
  • eWPTX / eCPPT / CEH (Practical)
  • GWAPT / GPEN / GCPN
Title: Cybersecurity Penetration Testing Engineer Application & API Security Location: Charlotte NC Job Summary We are seeking a Cybersecurity Penetration Testing Engineer specializing in Application and API Security to perform advanced offensive security testing across business-critical sys...
View more view more

Key Skills

  • Eclipse
  • Engineering
  • Event Planning
  • Interior
  • Cisco
Apply Now

About Company

Talencia
Company Logo
View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click

AI AutoApply

AI Resume Builder

Create an ATS-ready CV in minutes

AI Resume Builder

AI Cover Letter

Write a personalized letter instantly

AI Cover Letter

Related Jobs

Playwright Engineer

Purple Drive

profile Phoenix

AIML Engineer

Innovitusa

profile Austin

Principal Automation Engineer Manager

Diligent Tec Inc

profile Marshall County

Lead Network Cloud Engineer

Purple Drive

profile Alpharetta

Mid-Level Salesforce QA Engineer

Purple Drive

profile Phoenix

Experienced Civil Engineer Land Development

Faithful Jobs Consulting

profile Annandale

Electrical Testing Technician

Rinvio Recruitment

profile Ronkonkoma

Cybersecurity Engineer

Mcbride

profile Middlesex County
  1. Home
  2. Jobs In USA
  3. Jobs In Vermont
  4. Jobs In Charlotte
  5. Cybersecurity Penetration Testing Engineer
About Dr.Job

Dr.Job is an AI-powered career platform that bridges the gap between employers and talented job seekers. Since 2015, we have been one of the leading job portals in the UAE, trusted by thousands daily to find opportunities faster and smarter. Today, Dr.Job is expanding worldwide, connecting professionals and employers across borders. With AI-driven tools for resume building, interview preparation, and automated applications, Dr.Job empowers job seekers to land their dream roles and helps employers find top talent with accuracy and speed.

Follow Dr.Job
Payment accepted icon
Company
Popular Searches
Employer
Quick Links
Job seeker
Jobs by Countries

Dr Job FZ LLC. 2025 © All Rights Reserved

Terms of Use. Privacy Policy. Cookie Policy