Penetration Tester II - Onsite Job at Kavaliro, Washington DC

  • Kavaliro
  • Washington DC

Job Description

Job Summary:
Kavaliro is seeking a skilled and motivated Application Penetration Tester II to join our client's onsite premises in Washington D.C. If you have at least five years of experience in application security testing, excellent communication skills, and a creative, solutions-driven mindset, you’ll fit right in. This role requires someone who can tackle complex security challenges across a distributed environment while staying up to date with evolving threats and tools.


What You’ll Be Doing:

  • Carry out hands-on security testing of web and mobile applications—this includes penetration tests, vulnerability scans, control validation, and even some social engineering.

  • Dive into source code reviews and provide clear, actionable security guidance based on your findings.

  • Apply static and dynamic analysis techniques to uncover vulnerabilities.

  • Work with automation tools and integrate security checks into CI/CD pipelines.

  • Validate security measures on both front-end and back-end systems for web and mobile platforms.

  • Communicate your findings and recommendations clearly to both technical and non-technical stakeholders.

  • Build detailed, insightful reports and deliver presentations tailored to your audience.

  • Use threat intelligence and red team tactics to simulate real-world attacks and test defenses.

  • Stay sharp by researching new tactics, tools, and vulnerabilities—then share your knowledge with the team.

  • Propose new types of assessments based on emerging risks or insights from past work.

  • Develop or customize tools and workflows to improve our testing capabilities.

  • Pitch in on other security initiatives or special projects as needed.

What We’re Looking For:

  • At least 5 years of experience conducting application-level penetration tests—or equivalent experience (like 5+ years of app development paired with some security testing or red team exposure).

  • Solid understanding of application, system, and network security principles.

  • Comfortable working on both Windows and *nix environments.

  • Familiar with multiple programming/scripting languages—examples include Python, Java, C/C++, Ruby, Bash, and Perl.

  • Strong grasp of security testing tools, especially Burp Suite Pro and its ecosystem of plugins.

  • Hands-on experience with SAST, DAST, and SCA tools like Checkmarx, Fortify, OWASP ZAP, Veracode, and others.

Bonus Points For:

  • Mobile app reverse engineering, especially apps that use obfuscation or anti-emulator protections.

  • Experience securing containerized environments (Docker, Kubernetes).

  • Cloud penetration testing experience (AWS, Azure, Oracle).

  • Industry certifications like OSCP, GWAPT, GPEN, GXPN, GCIH, CRTE, etc.

  • Contributions to the security community—think research, published CVEs, bug bounty reports, blogs, or talks at conferences.

  • Familiarity with iOS and Android security practices.

  • Experience testing APIs and securing backend integrations.




Kavaliro provides Equal Employment Opportunities to all employees and applicants. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Kavaliro is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Kavaliro will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please respond to this posting to connect with a company representative.
