Penetration Tester

Job Title: Sr. Lead WBE/API Red Team - Pen Tester

Location: Remote; Chicago/Milwaukee preferred

Position Type: Full-Time

Overview

TalentFish is casting a line for a Senior WEB/API Penetration Tester - Red Teamer. This is a Full-Time role in Remote; Chicago/Milwaukee preferred. Our client is building an Offensive Security team that red teamers believe in. These aren't tool-heavy, checkbox pentests. Our testers think and act like adversaries – endpoint evasion, privilege escalation, moving laterally, and chaining attacks until we hit business-critical objectives. We write reports, sure, but they're narrative-driven. The full story from entry to impact, showing the path taken and the attacker mindset, and conveying the risks in a way that the client understands.

SKILLS

• Consulting experience preferred, if you don't have it, be prepared to demonstrate how you make up for the gaps.
• 8 Years plus WEB/API Pen Testing Experience in Consulting.
• Strong on either network or appsec, and passable on the other.
• Strong professionalism and speaking/writing skills, without overreliance on LLMs and with a willingness to get on video calls.

What You'll Do.

Perform red team engagements simulating real-world adversaries.

Conduct endpoint evasion, privilege escalation, and lateral movement.

Write narrative-driven reports detailing attack paths and business impact.

Communicate findings effectively to technical and non-technical audiences.

Develop custom scripts and tools when needed.

Research and apply new TTPs in engagements.

Collaborate with team members and contribute to knowledge sharing.

Preferred:

• Can demonstrate and discuss previous persistence on real-world tests chaining small findings into showing real impact.
• Have written tools, scripts, or PoCs when off-the-shelf options weren't enough.
• Experience with EDR evasion and C2 frameworks.
• Been part of CTFs, cons, local meetups, or have published write-ups.
• Certifications (Offensive Security, Zeropoint Security, SEKTOR7, etc.).
• Some level of scripting/coding proficiency.

Compensation Information

The expected salary range for this position is [$150K - 200K] per year, depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations.

This role requires authorization to work in the U.S. without current or future visa sponsorship.

All offers are contingent upon the completion of a background check, which may include but is not limited to reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws.

TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible.