HimalayasHimalayas logo
Bishop FoxBF

Penetration Tester - Contract

Bishop Fox is a leading authority in offensive security, providing solutions like continuous penetration testing, red teaming, and attack surface management to protect organizations from cyber threats.

Bishop Fox

Employee count: 201-500

United States only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

Contract Penetration Tester

At Bishop Fox, security isn't just a job—it's our passion. As leaders in continuous offensive security and penetration testing, we deliver world-class customer experiences. Trusted by over a quarter of the Fortune 100, half of the Fortune 10, and top global media companies, we help safeguard digital landscapes. Our Cosmos platform, honored as Best Emerging Technology by SC Media, exemplifies our commitment to innovation.  

Joining Bishop Fox means collaborating with a curious and dedicated team. You'll tackle complex challenges for some of the world's most recognized organizations, securing their networks against real-world threats. With nearly 20 years of industry contributions—including 16 open-source tools and 50 security advisories published in the past five years—we're committed to making the digital world safer. 

We’re looking for talented, experienced professional hackers to help us secure some of the world’s most complex software and sophisticated technologies. You’ll be working alongside our US and internationally-based teams supporting clients across multiple industries.   

Responsibilities

Bishop Fox is looking for experienced contract penetration testers with a primary focus in web application security and strong secondary expertise in cloud, mobile, source code, network, or AI/LLM security.

You’ll work on a range of projects, from short-term assessments to longer-term program engagements with well-established clients. In this role, you’ll identify vulnerabilities, validate risk, develop creative solutions, and clearly communicate findings and remediation guidance to both technical and executive stakeholders. As a trusted advisor, you’ll help clients understand risk and make informed security decisions. 

Experience

  • 5+ years of experience planning, conducting, and managing web application penetration tests
  • Deep understanding of application security fundamentals, OWASP Top 10, common vulnerabilities, and secure development best practices
  • Experience assessing vulnerabilities and developing exploits across diverse targets
  • Strong understanding of system and network security, authentication protocols, security protocols, and applied cryptography
  • Ability to communicate complex technical findings clearly and provide practical remediation guidance to technical and executive audiences

Preferred Experience

Deep experience in at least one of the following:

  • Cloud Security - Experience assessing AWS cloud environments, including technologies such as IAM, EC2, VPC, EBS, S3, CloudWatch, and Lambda.
  • Mobile Application Security - Experience testing iOS and/or Android applications, including mobile application architecture, API communication, data storage, authentication flows, and common mobile security vulnerabilities.
  • Source Assisted Application Assessments: Experience evaluating applications across multiple layers, including source code, APIs, infrastructure, and integrations. Strong proficiency in Golang is highly preferred, along with familiarity in languages such as Python, Ruby, PowerShell, Java, and JavaScript.
  • Network Security - Experience with network and system exploitation, including modern tactics, techniques, and procedures such as C2 frameworks, EDR bypass, privilege escalation, password cracking, and lateral movement.
  • AI/LLM Security -Experience assessing non-deterministic security controls.

Employment Sponsorship

This engagement is for independent contractors (1099) and is not eligible for any form of employment sponsorship. Applicants must be legally authorized to work in the United States without requiring visa sponsorship now or in the future. Applicants must be located in the United States.

All new hires must pass a background check as a condition of employment.

Bishop Fox is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Mid-level

Education

Bachelor degree

Experience

5 years minimum

Location requirements

United States

Hiring timezones

United States +/- 0 hours

Job categories

Penetration TestingCybersecurity ConsultingWeb Application SecurityOffensive SecuritySecurity Assessments

Skills

Penetration TestingWeb Application SecurityOWASP Top 10Cloud SecurityAWSMobile Application SecurityiOSAndroidNetwork SecurityAI LLM RisksApplied CryptographyAuthentication SystemsGolangCheckCosmosJavaJavaScriptMakeMovementPowerShell

Browse similar jobs

Remote Mid-level Penetration-Testing JobsRemote Full Time Penetration-Testing JobsRemote Mid-level Penetration-Testing Jobs in United StatesRemote Full Time Jobs in United StatesRemote Penetration-Testing Jobs in United States

About Bishop Fox

Learn more about Bishop Fox and their company culture.

View company profile

At Bishop Fox, our core mission is to create a safer digital world. We are recognized as the leading authority in offensive security, a reputation built over nearly two decades of partnering with some of the world's most influential organizations. Our culture is one of relentless curiosity and a commitment to staying ahead of the ever-evolving threat landscape. We believe that the best defense is a proactive offense. This philosophy drives our approach to security, focusing on identifying and neutralizing vulnerabilities before they can be exploited by malicious actors. Our team, comprised of some of the brightest minds in cybersecurity, is passionate about what they do. It's not just a job for us; it's a dedication to the common good. This commitment is reflected in our extensive contributions to the security community, including the development of numerous open-source tools and the publication of groundbreaking research and security advisories.

Our values are an integral part of our identity and guide our interactions with clients and each other. We believe in being 'Excellent to Each Other,' fostering a respectful and supportive environment. 'Do What You Say You Will' underscores our commitment to quality and accountability. 'Do the Right Thing' is paramount, as clients entrust us with their most sensitive information, and we never compromise their interests. 'Get Better Together' reflects our belief in continuous improvement and challenging the status quo. Finally, 'Give a Shit' encapsulates our genuine care for our work, our clients, and our community. We've cultivated an environment where passionate hackers can direct their skills toward making a positive impact. This has allowed us to work with over 25% of the Fortune 100, eight of the top ten global technology companies, and many other organizations to significantly enhance their security posture. Our innovative Cosmos platform and comprehensive suite of services, ranging from continuous penetration testing and red teaming to attack surface management and security assessments, are consistently recognized for their excellence.

Employee benefits

Learn about the employee benefits and perks provided at Bishop Fox.

View benefits

Work From Home Policy

Supports remote work.

401(k) plans

Retirement savings plan.

Maternity and paternity leave

Paid leave for new parents.

Company Social Outings

Organizes company social events.

View Bishop Fox's employee benefits
Claim this profileBishop Fox logoBF

Bishop Fox

Company size

201-500 employees

Founded in

2005

Chief executive officer

Vincent Liu, Francis Brown

Markets

CybersecurityOffensive SecurityPenetration TestingRed TeamingAttack Surface ManagementSecurity AssessmentsInformation SecurityTechnology ServicesEnterprise SecuritySecurity Consulting

Employees live in

United States
View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

8 remote jobs at Bishop Fox

Explore the variety of open remote roles at Bishop Fox, offering flexible work options across multiple disciplines and skill levels.

View all jobs at Bishop Fox
Top remote companies

Remote companies like Bishop Fox

Find your next opportunity by exploring profiles of companies that are similar to Bishop Fox. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan