Junior Penetration Tester - 0122 SS #10

NavitasPartners
Location: Brooklyn, NY, USA
Published: 6/14/2022
Technology
Full Time

Job Description

Job Title: Junior Penetration Tester

Work Type: Remote
Contract Duration: 6–12 Months

Role Summary

The Junior Penetration Tester is an execution-focused role responsible for performing authorized security testing activities under established methodologies and senior supervision. This position emphasizes strong technical fundamentals, disciplined testing practices, and high-quality evidence capture to support penetration testing engagements.
The role is designed to build delivery rigor and prepare the individual for independent test ownership at the next career level.

Key Responsibilities

Delivery Execution

  • Execute scoped penetration testing activities under supervision, including:

    • External and internal network assessments

    • Web application and API testing

    • Entry-level cloud security testing (AWS, Azure, GCP)

  • Perform reconnaissance, enumeration, vulnerability validation, and limited exploitation strictly in accordance with approved Rules of Engagement.

  • Validate automated scanner findings and eliminate false positives through manual verification.

Evidence & Reporting Support

  • Capture defensible and audit-ready evidence, including:

    • Reproduction steps

    • Screenshots and command outputs

    • Clear attack narratives

  • Draft technical vulnerability content for reports, including:

    • Root cause analysis

    • Business and technical impact explanation

    • Remediation guidance aligned with security best practices

  • Maintain detailed working notes suitable for peer review, audit, and retesting.

Operational Discipline

  • Adhere strictly to ethical testing principles, authorization boundaries, and confidentiality requirements.

  • Follow defined testing playbooks, escalation procedures, and quality standards.

  • Participate in post-engagement reviews, lessons learned, and internal quality assurance activities.

Learning & Development

  • Actively build technical capability through labs, internal training, and supervised client work.

  • Progress toward independently executing complete test components and engagement tasks.

Required Skills & Experience

Technical Foundation

  • Strong understanding of:

    • TCP/IP, DNS, HTTP/HTTPS

    • Linux and Windows operating systems

    • Common vulnerability classes (OWASP Top 10)

  • Hands-on familiarity with tools such as:

    • Burp Suite

    • Nmap

    • Vulnerability scanners (e.g., Nessus, Qualys)

  • Basic scripting capability using Python, Bash, or PowerShell.

Experience

  • 2–3 years of experience in penetration testing, security testing, or a closely related cybersecurity role.

  • Demonstrated hands-on exposure through labs, CTFs, bug bounty programs, academic projects, or equivalent practical experience.

Certifications (Preferred)

  • CompTIA Security+

  • Burp Suite Certified Practitioner (Associate level)

  • Progress toward CREST CRT or equivalent certification
