BURGEON IT SERVICES
Penetration Testing Specialist @ Redmond, WA Onsite
BURGEON IT SERVICES, Redmond, Washington, United States, 98052
Penetration Testing Specialist @ Redmond, WA Onsite
Location: Redmond, WA Onsite Duration: Long Term Contract Seeking a skilled and detail-oriented
Penetration Testing Specialist
to conduct a comprehensive security assessment of key features and components, including
Screen/Window Sharing ,
Teams Extensibility Apps , and
associated Cloud Services . The ideal candidate will possess hands-on experience in security testing of modern collaboration platforms, with a strong understanding of threat modeling, vulnerability analysis, and exploitation techniques specific to real-time communication environments. Key Responsibilities: Lead and execute
independent penetration testing assessments
focused on: Screen/Window Sharing functionality Teams Extensibility Apps and integrations (e.g., bots, tabs, connectors) Cloud-based services powering Microsoft Teams features Perform
black-box ,
white-box , and
gray-box
testing as needed to simulate real-world attack scenarios. Conduct
threat modeling and attack surface analysis
for the targeted features. Identify and exploit vulnerabilities, misconfigurations, insecure design patterns, and logic flaws. Provide
clear documentation
of findings, including severity, reproduction steps, and recommended remediation strategies. Collaborate with Engineering and Security teams to ensure findings are addressed and risks mitigated. Stay up-to-date with the latest industry threats and security trends in video conferencing, real-time communication, and cloud-native architectures. Required Qualifications: 5+ years of experience in
penetration testing , application security, or red teaming. Strong expertise in: Web application and API security (especially OAuth, SSO, token flows) Cloud service security (preferably Azure) Real-time media security protocols (e.g., WebRTC, SRTP) Familiarity with Microsoft Teams architecture and extensibility model is a plus. Hands-on experience with tools like
Burp Suite ,
Nmap ,
Wireshark ,
Metasploit ,
Nessus ,
OWASP ZAP , etc. Relevant certifications preferred:
OSCP ,
OSWE ,
GWAPT ,
CPT , or similar. Seniority Level:
Mid-Senior level Employment Type:
Contract Job Function:
Information Technology, Business Development, and Consulting Industries:
Information Services, Software Development, and International Trade and Development #J-18808-Ljbffr
Location: Redmond, WA Onsite Duration: Long Term Contract Seeking a skilled and detail-oriented
Penetration Testing Specialist
to conduct a comprehensive security assessment of key features and components, including
Screen/Window Sharing ,
Teams Extensibility Apps , and
associated Cloud Services . The ideal candidate will possess hands-on experience in security testing of modern collaboration platforms, with a strong understanding of threat modeling, vulnerability analysis, and exploitation techniques specific to real-time communication environments. Key Responsibilities: Lead and execute
independent penetration testing assessments
focused on: Screen/Window Sharing functionality Teams Extensibility Apps and integrations (e.g., bots, tabs, connectors) Cloud-based services powering Microsoft Teams features Perform
black-box ,
white-box , and
gray-box
testing as needed to simulate real-world attack scenarios. Conduct
threat modeling and attack surface analysis
for the targeted features. Identify and exploit vulnerabilities, misconfigurations, insecure design patterns, and logic flaws. Provide
clear documentation
of findings, including severity, reproduction steps, and recommended remediation strategies. Collaborate with Engineering and Security teams to ensure findings are addressed and risks mitigated. Stay up-to-date with the latest industry threats and security trends in video conferencing, real-time communication, and cloud-native architectures. Required Qualifications: 5+ years of experience in
penetration testing , application security, or red teaming. Strong expertise in: Web application and API security (especially OAuth, SSO, token flows) Cloud service security (preferably Azure) Real-time media security protocols (e.g., WebRTC, SRTP) Familiarity with Microsoft Teams architecture and extensibility model is a plus. Hands-on experience with tools like
Burp Suite ,
Nmap ,
Wireshark ,
Metasploit ,
Nessus ,
OWASP ZAP , etc. Relevant certifications preferred:
OSCP ,
OSWE ,
GWAPT ,
CPT , or similar. Seniority Level:
Mid-Senior level Employment Type:
Contract Job Function:
Information Technology, Business Development, and Consulting Industries:
Information Services, Software Development, and International Trade and Development #J-18808-Ljbffr