Skip to content
Cobalt.ioCobalt.ioUnited States

Cobalt Core Pentester - US Remote-Only

Conduct manual penetration testing on web apps, APIs, networks, and iOS/Android mobile apps as part of a pentest team. Document findings, validate vulnerabilities, and focus on OWASP Top 10 for US-resident freelancers.

Salary not listed
RemoteSecurity Engineering

About the role

Responsibilities

  • Perform manual penetration testing of web applications, APIs, internal and external networks, iOS and Android mobile applications
  • Work as a member of a pentest team, collaborating and engaging directly with clients
  • Document in detail the results of assessments, audits, tests, and verification activities
  • Perform manual validation of vulnerabilities
  • Perform mobile and web app pentesting for OWASP top 10 vulnerabilities

Skills

Penetration TestingOwasp Top 10Web Application SecurityApi TestingNetwork Penetration TestingMobile App TestingIos SecurityAndroid SecurityVulnerability AssessmentManual Testing
Forus

Security Program Manager

ForusNew York, NY

Own end-to-end compliance programs (SOC 2, HIPAA, HITRUST), build customer trust function, implement automation, and partner with engineering on controls for a healthcare AI platform handling protected health information.

Salary not listed
On-site4+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k/yr
HybridSecurity Engineering
Zocdoc

Application Security Engineer

ZocdocUnited States

Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.

100k – 140k/yr
RemoteSecurity Engineering
Cloudflare

Detection & Mitigation Engineer

CloudflareUnited States

Security Detections Engineer identifying attacker TTPs, building real-time detections, and mitigating threats/abuse across Cloudflare's global platform using data analysis, SQL, scripting, and threat intelligence. Requires strong analytical and communication skills.

Salary not listed
HybridSecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k/yr
On-site3+ YOESecurity Engineering