Logo for RSI Security

Penetration Tester (W-2 or 1099 | U.S.-Based)

RSI Security

Roles & Responsibilities

  • 3–7+ years of penetration testing experience
  • Full-stack offensive testing skills across network, web, mobile, API, IoT, and social engineering
  • Proficiency with Burp Suite, Nmap, Nessus, Metasploit, Wireshark, and related security tooling
  • Must be U.S.-based and able to travel within the United States

Requirements:

  • Execute advanced manual penetration testing across multiple disciplines (networks, applications, API, mobile, IoT) and onsite engagements
  • Conduct internal/external penetration testing and internal segmentation testing
  • Perform web, mobile, API, and social engineering testing with remediation-focused reporting
  • Present findings to technical and non-technical stakeholders and maintain alignment with industry standards (NIST, PTES, OWASP, MITRE)

Job description

WE ARE HIRING
Penetration Tester (W-2 or 1099 | U.S.-Based)

 
Department: Technical Operations (TechOps)
Location: Remote (U.S.) + Required Travel Across the U.S. and Canada
Employment Type: Open to W-2 Employee or 1099 Contractor
 

About US

RSI Security is a cybersecurity advisory firm dedicated to helping organizations secure their environments, reduce risk, and stay compliant. Our team of specialized practitioners works hands-on with clients across multiple industries, delivering technical excellence with a service-first mindset.
We are expanding our penetration testing bench and seeking a highly skilled Penetration Tester to support ongoing client engagements, including onsite assessments.

About the ROLE

The Penetration Tester executes advanced manual penetration testing across multiple disciplines, supports client engagements both remotely and onsite, and delivers accurate, actionable, and validated reporting. This role requires strong technical depth, disciplined follow-through, consultative communication, and consistent alignment with RSI methodologies and Core Values.
 
W-2 and 1099 versions of the role share the same responsibilities; however, W-2 roles include scorecard metrics and quarterly Rocks, while 1099 contractors operate on a deliverables-based SOW model.

What You’ll Do

  • Manual Internal and External Penetration Testing
  • Internal Segmentation Testing (lateral movement, trust boundary analysis)
  • Web Application Penetration Testing (OWASP Top 10, business logic flaws)
  • Mobile Application Penetration Testing (Android/iOS)
  • API Penetration Testing (auth flows, token abuse, endpoint assessment)
  • Social Engineering Penetration Testing (phishing, vishing, pretexting)
  • Hardware/IoT Penetration Testing as needed
  • Create detailed, validated, and remediation-focused penetration testing reports
  • Present findings to both technical and non-technical stakeholders
  • Maintain alignment with industry standards (NIST, PTES, OWASP, MITRE, etc.)

What You’ll Bring

  • 3–7+ years of penetration testing experience
  • Full-stack offensive testing skills (network, web, mobile, API, IoT, SE)
  • Proficiency with Burp Suite, Nmap, Nessus, Metasploit, Wireshark, etc.
  • Strong reporting and documentation skills
  • Excellent client-facing communication
  • Familiarity with OWASP, PTES, NIST SP 800-115, OSSTMM
  • Ability to work independently
  • Must be able to travel within the United States (non-negotiable)
  • Must be U.S.-based

Mindset We Value

  • You chase the why behind technical problems
  • You take pride in craftsmanship and validated manual testing
  • You deliver on commitments and own outcomes
  • You communicate clearly, without ego
  • You adapt quickly when situations are ambiguous
  • You always act with integrity
  • You pursue growth and mastery in your craft

What We Offer

W-2 Employees

  • Unlimited flex vacation
  • Paid parental leave
  • 401(k) with 100% employer match
  • Medical, dental, vision coverage
  • Professional development & certification reimbursement
  • Remote-first culture
1099 Contractors
  • Flexible project-based or hourly contracting
  • Remote work
  • Access to RSI standards and methodologies
  • Long-term contracting potential


RSI Security is proud to be an Equal Opportunity Employer. We value equity, inclusion, and diversity as part of our broader commitment to respecting fundamental human rights across our value chain. The Company will consider qualified applicants with arrest and conviction records, consistent with applicable laws.

For more information on RSI Security, please visit www.rsisecurity.com or our LinkedIn page. On our career site, you will also find the steps guiding you through our hiring process.
Ready to apply?
APPLY
·

Penetration Tester Related jobs

Oregon (USA)Penetration Tester

Other jobs at RSI Security

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.