Penetration QA Engineer for Sora Union (Freelance)

Sora Union is a professional services company specializing in Engineering, Design, and QA projects for businesses, organizations, and governments. The Sora Union team is globally distributed and made up of diverse and talented professionals impacted by or at risk of displacement due to conflict or climate change.

We are looking for a skilled and motivated Penetration QA Engineer to join our growing team. In this role, you will simulate real-world cyberattacks to identify and remediate security vulnerabilities across applications, networks, systems, and cloud environments.
You’ll work closely with security engineers, developers, and IT teams to proactively improve our security posture and protect sensitive data.

Key Responsibilities:

• Plan, execute, and document penetration tests on web apps, APIs, networks, and infrastructure
• Perform vulnerability assessments, threat modeling, and exploit validation
• Create detailed, technical reports and executive summaries with actionable remediation steps
• Collaborate with development and infrastructure teams to fix identified weaknesses
• Conduct red team / blue team exercises as needed
• Stay current with new vulnerabilities, attack techniques, and security tools
• Support compliance and regulatory audits with relevant testing evidence
• Contribute to security awareness and best practice training across teams

Ideally, you’ll have:

• Computer science or math degree with at least 5-7 years in a professional QA role
• 2+ years of experience with Penetration Testing
• Proven experience with penetration testing tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, etc.)
• Strong knowledge of network protocols, web app security, OWASP Top 10, and vulnerability management
• Proficiency in scripting or programming (e.g., Python, Bash, PowerShell)
• Understanding of Linux and Windows environments

The Penetration QA Engineer role is a short term contract position initially reporting to the QA Manager. This role is a distributed position and can be based in any location.

Sora Union is committed to creating and fostering a diverse team. We encourage people from underrepresented backgrounds and all walks of life to apply. We are committed to providing reasonable accommodations to all applicants throughout the application process.