Senior/Principal Penetration Tester
Listed on 2026-01-13
IT/Tech
Cybersecurity
Trust Foundry is a specialist penetration testing consultancy based in Kansas City, built by practitioners who care deeply about doing offensive security properly. We are a small, highly technical team focused on delivering high-quality work to great clients.
Here, you won’t be buried in bureaucracy or stuck running low-value scans. You’ll spend your time hacking, researching, solving real problems, and collaborating with other experienced security professionals who genuinely enjoy what they do.
If you want meaningful technical work and the space to grow as a hacker, this is that environment.
The Role
We are looking for an experienced penetration tester with a strong focus on application security, complemented by broader exposure to infrastructure, cloud, and other offensive security domains.
This role spans mid-level through principal consultant, depending on experience. At the senior end, you’ll help shape engagements, mentor others, and influence how we deliver offensive security.
You will:
- Perform in-depth application penetration tests across modern web technologies
- Tackle complex and interesting client environments
- Deliver high-quality reports and present findings to both technical and non-technical stakeholders
- Collaborate closely with a small, senior team on challenging projects
- Fully remote with flexible scheduling
- Unlimited PTO – we trust adults to manage their time
- Real R&D time – research, tooling, CTFs, and skills development are encouraged
- Medical & dental (US FTE)
- Low-friction delivery – our internal platform makes reporting fast and painless
- Tight-knit, highly technical team (~8 pentesters) who genuinely enjoy hacking
- Interesting clients & complex engagements – not checkbox security
We’re small enough that your work matters, your ideas are heard, and your growth is supported.
What We’re Looking For
Core Skills
- Strong experience performing complex web application penetration tests
- A well‑rounded offensive skillset across areas such as infrastructure, cloud, red team, mobile, or social engineering
- Ability to produce clear, professional reports and communicate findings effectively to diverse audiences
- Original research, CVEs, or open‑source tooling
- Participation in the security community (CTFs, projects, talks, etc.)
- Ability to read and write code in common languages
- Relevant education or self‑directed learning (MOOCs, books, labs)
- Certifications such as OSCP, OSCE, OSWE, OSWA, CRTO, CPTS, CAPE, BSCP, CWEE or similar
You’ll be joining a team that genuinely loves offensive security. We collaborate closely, take on challenging work, and continuously sharpen our skills. We avoid low-value engagements, prioritize quality over volume, and give our consultants the autonomy to do their best work.
If you want a role where you can hack deeply, learn constantly, influence how work is delivered, and still have flexibility in your life — we’d love to talk.