Software Test & Evaluation Technician III (Penetration Tester)

Talteam Inc.

$75K — $95K *
Information Technology
Less than 5 years of experience

Job Overview by Ladders

Qualifications

  • 3+ years of hands-on penetration testing experience with web applications, APIs, and infrastructure.
  • Proven experience in triaging vulnerabilities based on CVSS scoring and risk prioritization.
  • Strong grasp of OWASP Top 10 and SANS Top 25 vulnerability classes and their remediation.
  • Experience with vulnerability management platforms like Jira or ServiceNow.
  • Ability to create clear proof-of-concept exploits and validation reports.
  • Familiarity with the software development lifecycle and collaboration with development teams.
  • Excellent written and verbal communication skills for translating technical findings.

Responsibilities

  • Validate incoming vulnerability reports and assess their business impact.
  • Conduct targeted retests of vulnerabilities to confirm remediation effectiveness.
  • Monitor remediation timelines and coordinate with development teams for prompt closure.
  • Maintain accurate records in the vulnerability management system and report on findings status.
  • Collaborate with security and engineering teams to provide remediation guidance.
  • Identify recurring vulnerability patterns and propose process improvements.
  • Generate executive-level metrics and contribute to regular reporting.

Benefits

  • Opportunity to work on an impactful, hands-on technical role in offensive security.
  • Collaborative environment partnering with engineering and security teams.
  • Engagement with diverse security tools and platforms.
  • Possibility to contribute to process improvement initiatives.
  • Training and professional development opportunities encouraged.

Full Job Description

Software Test & Evaluation Technician III (Penetration Tester)

Must-haves: 3+ years of hands-on experience in penetration testing or offensive security testing

As a member of our Attack & Pentest team, you will serve as a frontline analyst responsible for validating, prioritizing, and driving the closure of security vulnerabilities across the enterprise. You will assess findings for exploitability and business risk, retest applications and infrastructure after remediation, and work directly with engineering teams to ensure issues are resolved effectively and on schedule. This is a hands-on technical role that requires both offensive security skills and the ability to communicate clearly with developers, architects, and leadership.

Responsibilities

Triage - Review and validate incoming vulnerability reports from Mythos; assess severity, exploitability, and business impact; de-duplicate and enrich findings with reproduction steps and evidence

Retesting - Perform targeted retesting of remediated vulnerabilities to confirm fixes are effective and complete; document pass/fail results with technical evidence

Tracking & Remediation Support - Monitor remediation timelines against SLAs; coordinate with development and infrastructure teams to ensure timely closure; escalate aging findings per policy

Reporting - Maintain accurate records in the vulnerability management platform; produce weekly status reports on open/closed/overdue findings; contribute to executive-level metrics

Collaboration - Partner with application security, DevOps, and engineering teams to provide remediation guidance and technical context for findings

Process Improvement - Identify patterns in recurring vulnerabilities; recommend process or tooling improvements to reduce triage backlog

Required Qualifications

3+ years of hands-on penetration testing experience (web applications, APIs, infrastructure)

Demonstrated experience triaging vulnerabilities at scale (CVSS scoring, CWE/OWASP classification, risk-based prioritization)

Strong understanding of common vulnerability classes (OWASP Top 10, SANS Top 25) and remediation strategies

Experience with vulnerability management platforms (e.g., Jira, ServiceNow, DefectDojo, or similar)

Ability to write clear, reproducible proof-of-concept exploits and remediation validation reports

Familiarity with SDLC integration and working directly with development teams on fix guidance

Strong written and verbal communication skills; able to translate technical findings for varied audiences

Preferred Qualifications

Relevant certifications: OSCP, GPEN, GWAPT, CEH, or equivalent

Experience with bug bounty or crowdsourced vulnerability programs

Familiarity with financial services regulatory requirements (PCI-DSS, FFIEC, SOX)

Scripting/automation skills (Python, Bash, Burp extensions) for retesting workflows

Experience with CI/CD pipeline security tooling (SAST/DAST integration)

Tools & Environment (Preferred Familiarity)

Burp Suite Professional, Nuclei, Caido

Git-based workflows and code review

Cloud platforms (AWS, Azure, GCP) security configurations

Container/Kubernetes security fundamentals
