Lead Penetration Tester

Role: Lead Penetration Tester

Location: Remote (must be located in U.S.)

About Rhymetec: 

Rhymetec is an industry leader in the MSSP cybersecurity space. Our goal is to simplify cybersecurity for our clients so they can become compliant faster and focus more on their business and less on the complexities of building effective and compliant infosec programs.

Description: 

The Lead Penetration Tester is an experienced offensive security professional who reports directly to the Director of Offensive Security. In this client-facing role, you will lead and execute penetration testing engagements for MSSP customers, serve as an escalation point for other penetration testers, and help ensure high-quality, defensible deliverables across the team

Responsibilities: 

• Lead and execute penetration tests primarily across web applications, external APIs, and networks, performing manual testing, exploitation, and validation beyond automated scanning.
• Serve as the primary escalation point for other penetration testers to unblock investigations, validate exploitation paths, and review findings for accuracy and consistency.
• Conduct scoping calls with customers, confirm rules of engagement, and manage the pentest lifecycle.
• Present findings to engineering teams and executive stakeholders, translating technical issues into remediation priorities.
• Contribute to internal offensive security tooling, playbooks, templates, and scripts.
  

Required Minimum Qualifications:

Minimum 2 years of verifiable experience as a professional penetration tester in a full-time role. Must have direct experience in pentesting web applications, external web API’s, and networks, as well as one or more of the following categories:

• Mobile Applications
• Cloud Infrastructures (AWS, Azure, GCP)
• GenAI/ML
• Desktop (Thick Client) Applications
• Vishing/Phishing
• Secure Code Reviews
• Strong exploitation and validation skills with technical abilities above verifying scan results.
• Ability to produce clear and precise penetration test reports with reproducible steps and screenshots of evidence to provide practical remediation guidance effectively with customers.
• Ability to mentor and uplift other Offensive Security team members through technical guidance, review, and structured feedback.

Must be currently based in the United States. No sponsorship available for this position.

Benefits: 

Rhymetec offers a robust employee package, including:

• Supportive leadership and a clear growth path
• 100% of employee medical premiums are covered by the employer and discounted family insurance options
• Dental and Vision Benefits
• PTO and Sick Time + 11 paid Holidays
• 401K retirement option with company match
• Company-paid Life Insurance
• Annual Subscription to TalkSpace (online counseling & therapy service)

Compensation may vary outside of the range depending on several factors, including a candidate's qualifications, skills, competencies, experience, and location. Base pay is one part of the Total Package provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives.

Rhymetec is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will be considered for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.