Penetration Tester

About ControlCase

ControlCase is a global leader in certification, cybersecurity, and continuous compliance services. We help organizations develop and implement streamlined, cost-effective, and comprehensive information security and compliance programs for both on-premise and cloud environments.

Our services support organizations that need to meet standards and regulations including PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT, CMMC, and FedRAMP.

Headquartered in Fairfax, Virginia, ControlCase operates worldwide with locations across North America, Europe, Latin America, Asia-Pacific, and the Middle East. We provide Compliance as a Service (CaaS) solutions that help businesses meet regulatory compliance requirements efficiently and cost-effectively.

Position Overview

As a Penetration Tester, you will conduct authorized penetration tests on computer systems, applications, networks, and infrastructure to identify vulnerabilities that could be exploited. This role is approximately 80% penetration testing and 20% project management.

You may specialize in one or more of the following areas:

• Networks and Infrastructure
• Operating Systems, including Windows, Linux, and macOS
• Web and Mobile Applications
• APIs and Web Services

Key Responsibilities

• Collaborate with clients to identify penetration testing requirements, including the number and type of systems to be tested.
• Plan and develop penetration testing methodologies, scripts, and test cases.
• Conduct remote penetration tests on client networks and perform on-site infrastructure testing when required.
• Simulate security breaches to evaluate vulnerabilities across systems, applications, and networks.
• Prepare detailed reports outlining identified security issues, risk levels, and recommendations.
• Provide actionable remediation guidance to help clients reduce risk and strengthen system security.
• Present findings, risks, and recommendations to management teams and other stakeholders.
• Assess the business and user impact of identified vulnerabilities.
• Analyze how unresolved security flaws could affect business operations and critical functions.
• Manage project timelines, client communication, deliverables, and reporting requirements.

Required Qualifications

• 4 to 5+ years of relevant penetration testing experience.
• US Citizenship or Green Card holder.
• Ability and willingness to travel to client sites as required.
• Strong understanding of complex computer systems, cybersecurity concepts, and technical terminology.
• Strong written and verbal communication skills.
• Ability to communicate technical findings clearly to both technical and non-technical stakeholders.

Education and Certification Requirements

Education: Bachelor’s degree preferred.

Preferred Certifications:

• OSCP – Offensive Security Certified Professional
• CPSA – CREST Practitioner Security Analyst
• CRT – CREST Registered Tester
• CRTO – Certified Red Team Operator
• CRTP – Certified Red Team Professional
• GWAPT – GIAC Web Application Penetration Tester
• GPEN – GIAC Penetration Tester
• GIAC – Global Information Assurance Certification

What ControlCase Offers

At ControlCase, we are committed to supporting our employees’ success and well-being. We offer a comprehensive benefits package designed to promote work-life balance, professional growth, and long-term career development.

This is a fully remote position that offers flexibility to work from home while collaborating with an international team across multiple regions. You will manage your schedule, meet project deadlines, and contribute to ControlCase’s global cybersecurity and compliance initiatives.

Employee Benefits

• Company-Provided Equipment: Essential tools, including a computer, to support your work.
• 401(k) Plan: Competitive retirement savings options to help you plan for the future.
• Health Insurance: Comprehensive medical coverage for you and your family.
• Dental and Vision Insurance: Access to dental and vision care.
• 100% Company-Paid Life Insurance: Life insurance coverage for added peace of mind.
• Paid Time Off: Generous PTO and official holidays to recharge.
• Mileage and Travel Reimbursement: Reimbursement for approved business-related travel and mileage.
• Cell Phone and Internet Reimbursement: Monthly reimbursement for phone and internet expenses.
• Employee Assistance Program: Access to mental health, counseling, and personal support resources.
• Flexible Spending Account: Save on eligible healthcare and dependent care expenses.
• Employee Discount Program: Discounts available through select partners and vendors.
• Referral Program: Earn rewards for referring qualified candidates to ControlCase.