Position Details

Type Full-Time

Experience senior

Exp. Years 3+ years

Education Bachelor's degree and a minimum of 3 years' relevant work experience, or in lieu of a degree, a combined minimum of 7 years' higher education and/or work experience

Category Cybersecurity

About this role

Senior penetration tester focusing on web applications, APIs, and networks; performs grey/white box testing, leverages Burp Suite Pro, and collaborates with security and technology teams to remediate vulnerabilities.

Key Responsibilities

Complete penetration testing of web apps and APIs
Define testing methods
Gather intelligence on vulnerabilities
Validate controls and remediation
Educate cybersecurity teams

Technical Overview

Hybrid role requiring hands-on web app pen testing, familiarity with OWASP Top 10, and scripting; tools include Burp Suite Pro and various open-source tooling.

Ideal Candidate

The ideal candidate is a senior penetration tester with strong web app testing experience, proficient with Burp Suite Pro, familiarity with OWASP Top 10, and solid scripting knowledge; capable of operating in a hybrid Buffalo, NY environment with strong collaboration across cybersecurity and technology teams.

Must-Have Skills

Bachelor's degree and a minimum of 3 years' relevant work experienceor in lieu of a degreea combined minimum of 7 years' higher education and/or work experienceIntermediate working knowledge of penetration testing and red team toolsStrong knowledge of networking and network protocolsIntermediate working knowledge of operating systems and scripting and/or coding

Nice-to-Have Skills

Bachelor's degree in Computer ScienceCybersecurityor Information TechnologyUnderstanding of the OWASP Top 10Knowledge in social engineeringapplication securityphysical security conceptsIndustry-recognized penetration testing certification

Required Skills

Bachelor's degreepenetration testinggrey box/white box testingBurp Suite ProAPIsnetwork protocolsoperating systemsscripting

Hard Skills

Burp Suite ProOpen Source ToolingWeb Application Penetration TestingGrey Box testingWhite Box testingAPIsNetwork protocolsOperating systemsScripting and/or coding

Soft Skills

communicationmentoringteam collaborationproblem-solving

Certifications

Required

Penetration testing-specific or Cybersecurity domain-related industry-recognized certification

Preferred

OWASP Top 10 understanding

Industry & Role

Industry Banking

Job Function Perform advanced penetration testing to identify and remediate security weaknesses

Role Subtype Penetration Tester

Tech Domains Cybersecurity, Networking / TCP-IP

Keywords for Your Resume

senior penetration tester - web applicationweb applicationhybridbuffaloburp suite proowasp top 10penetration testingcybersecuritynetworkingscriptingoperating systemsgrey boxwhite boxapisrisk managementinternal controlspenetration testing toolssecurity testingSOCrisk assessmentsAPIsnetwork protocolsOWASP Top 10

Deal Breakers

No 3+ years of relevant penetration testing experience, Lack of Burp Suite Pro or basic scripting skills, Inability to work in a hybrid Buffalo, NY setting

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

Untitled Position

Get matched to jobs like this