Penetration Tester

NodeRisk
ContractColombo, Sri LankaUSD 500 - 1,500/month

We are looking for an experienced Penetration Tester to join our team on a contract basis. The successful candidate will perform comprehensive security assessments across web applications, APIs, mobile applications, cloud infrastructure, internal networks, and external attack surfaces.

This role is suited for an individual who enjoys offensive security, provides high-quality technical reporting, and can communicate remediation guidance clearly to clients.

Responsibilities:

  • Conduct Web Application Penetration Testing
  • Perform API Security Assessments
  • Execute External and Internal Network Penetration Tests
  • Perform Mobile Application Security Assessments (Android/iOS)
  • Identify, validate, and safely exploit security vulnerabilities
  • Assess authentication, authorization, session management, and business logic flaws
  • Review cloud environments (AWS, Azure, GCP) where applicable
  • Produce detailed technical reports with proof-of-concept evidence
  • Prepare executive summaries for non-technical stakeholders
  • Validate remediation efforts through retesting
  • Follow industry methodologies including:
  • OWASP Web Security Testing Guide (WSTG)
  • OWASP Top 10
  • OWASP API Security Top 10
  • OWASP Mobile Application Security Testing Guide (MASTG)
  • PTES
  • NIST SP 800-115

Required Skills

  • Minimum 2-3 years of professional penetration testing experience
  • Strong understanding of:
  • Web security
  • API security
  • Network security
  • Active Directory attacks
  • Ability to manually identify vulnerabilities beyond automated scanners
  • Experience writing professional penetration testing reports
  • Experience in Working & Coordinating with End Customers

Preferred Qualifications

  • OSCP
  • OSEP
  • CRTO
  • CRTP
  • PNPT
  • eCPPT
  • CREST CRT/CCT

Apply for this job

Resume/CV*

Click or drag file to this area to upload your Resume

Please make sure to upload a PDF

First Name*
Last Name*
Email*
Phone Number*
The hiring team may use this number to contact you about this job.

By clicking 'Submit Application', you agree to receive job application updates from NodeRisk via text and/or WhatsApp. Message frequency may vary. Reply STOP to unsubscribe at any time. Message & data rates may apply.