Dahl Consulting is partnering with a leading Fortune 50 retail organization, known for its large-scale digital presence and commitment to innovation, to hire a Security Engineer specializing in penetration testing. This role focuses on identifying and mitigating security vulnerabilities across web applications, APIs, and enterprise systems, playing a key role in safeguarding customer data.
Responsibilities:
- Conduct end-to-end penetration tests, including scoping, exploitation, validation, and reporting
- Identify and assess vulnerabilities in web applications and APIs, including OWASP Top 10 risks
- Utilize advanced security testing tools such as Burp Suite, Nmap, and exploitation frameworks
- Develop scripts and automation in Python or Go to enhance testing efficiency
- Document security findings clearly, providing actionable remediation recommendations
- Partner with engineering teams to validate fixes and strengthen overall security posture
- Support risk identification efforts, including pre-deployment threat modeling activities
- Contribute to security initiatives such as bug bounty programs and vulnerability triage
- Assist in improving penetration testing processes, tools, and methodologies
- Provide mentorship or technical guidance to junior team members when applicable
Requirements:
- Bachelor's degree in Computer Science, Cybersecurity, or equivalent practical experience
- 7+ years of experience in cybersecurity, with progressive responsibility in penetration testing
- 5+ years of hands-on penetration testing experience focused on web applications and APIs in enterprise environments
- Proven ability to execute the full penetration testing lifecycle (scoping through reporting)
- Strong knowledge of web application security vulnerabilities, including OWASP Top 10, authentication/authorization flaws, and injection attacks
- Advanced proficiency with security testing tools such as Burp Suite, Nmap, and common exploitation frameworks
- Experience developing scripts or automation using Python or Go
- Strong documentation skills with the ability to communicate findings and remediation steps clearly
- Experience collaborating with engineering teams to remediate vulnerabilities
- Experience testing mobile applications, hardware/embedded systems, or third-party/vendor platforms
- Familiarity with PCI penetration testing requirements and compliance frameworks
- Experience supporting or contributing to bug bounty programs (triage, validation, escalation)
- Exposure to threat modeling and proactive risk identification
- Experience mentoring or guiding other security testers
- Advanced understanding of networking and system architecture in large-scale environments
- Experience improving or automating penetration testing processes and tooling
- Relevant certifications such as OSCP, OSCE, OSWE, or CISSP