Logo for Accede Solutions Inc (accedesol.com)

Software Test & Evaluation Technician III

Roles & Responsibilities

  • 3+ years of hands-on penetration testing experience (web applications, APIs, infrastructure)
  • Demonstrated experience triaging vulnerabilities at scale (CVSS scoring, CWE/OWASP classification, risk-based prioritization)
  • Strong understanding of common vulnerability classes (OWASP Top 10, SANS Top 25) and remediation strategies
  • Experience with vulnerability management platforms (e.g., Jira, ServiceNow, DefectDojo, or similar)

Requirements:

  • Review and validate incoming vulnerability reports; assess severity, exploitability, and business impact
  • Perform targeted retesting of remediated vulnerabilities to confirm fixes are effective and complete
  • Monitor remediation timelines against SLAs; coordinate with development and infrastructure teams
  • Maintain accurate records in the vulnerability management platform; produce weekly status reports

Job description

Title: Penetration Tester
Location: Remote
Duration: 1 year with possible extension


Job Description: 
Must haves: 3 plus years Experience in hands on penetration testing experience or offensive security testing
As a member of our Attack & Pentest team, you will serve as a frontline analyst responsible for validating, prioritizing, and driving the closure of security vulnerabilities across the enterprise. You will assess findings for exploitability and business risk, retest applications and infrastructure after remediation, and work directly with engineering teams to ensure issues are resolved effectively and on schedule. This is a hands-on technical role that requires both offensive security skills and the ability to communicate clearly with developers, architects, and leadership.
Responsibilities
Triage – Review and validate incoming vulnerability reports from Mythos; assess severity, exploitability, and business impact; de-duplicate and enrich findings with reproduction steps and evidence
Retesting – Perform targeted retesting of remediated vulnerabilities to confirm fixes are effective and complete; document pass/fail results with technical evidence
Tracking & Remediation Support – Monitor remediation timelines against SLAs; coordinate with development and infrastructure teams to ensure timely closure; escalate aging findings per policy
Reporting – Maintain accurate records in the vulnerability management platform; produce weekly status reports on open/closed/overdue findings; contribute to executive-level metrics
Collaboration – Partner with application security, DevOps, and engineering teams to provide remediation guidance and technical context for findings
Process Improvement – Identify patterns in recurring vulnerabilities; recommend process or tooling improvements to reduce triage backlog

Required Qualifications:
3+ years of hands-on penetration testing experience (web applications, APIs, infrastructure)
Demonstrated experience triaging vulnerabilities at scale (CVSS scoring, CWE/OWASP classification, risk-based prioritization)
Strong understanding of common vulnerability classes (OWASP Top 10, SANS Top 25) and remediation strategies
Experience with vulnerability management platforms (e.g., Jira, ServiceNow, DefectDojo, or similar)
Ability to write clear, reproducible proof-of-concept exploits and remediation validation reports
Familiarity with SDLC integration and working directly with development teams on fix guidance
Strong written and verbal communication skills; able to translate technical findings for varied audiences
Preferred Qualifications
Relevant certifications: OSCP, GPEN, GWAPT, CEH, or equivalent
Experience with bug bounty or crowdsourced vulnerability programs
Familiarity with financial services regulatory requirements (PCI-DSS, FFIEC, SOX)
Scripting/automation skills (Python, Bash, Burp extensions) for retesting workflows
Experience with CI/CD pipeline security tooling (SAST/DAST integration)
Tools & Environment (Preferred Familiarity)
Burp Suite Professional, Nuclei, Caido
Git-based workflows and code review
Cloud platforms (AWS, Azure, GCP) security configurations
Container/Kubernetes security fundamentals

Software Development Engineer in Test (SDET) Related jobs

Other jobs at Accede Solutions Inc (accedesol.com)

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.