Penetration Test Engineer (Remote)
Job Title: Penetration Test Engineer
Work Location: Remote
Duration: 6 month contract with option to extend
Education/Experience Required: 5+ years of hands-on penetration testing, red team, offensive security, or security assessment experience in enterprise environments.

Job Description & Responsibilities:

Lead end-to-end penetration testing for a Zero Trust environment centered on Microsoft Entra Private Access, validating secure access to private apps and resources, connector posture, segmentation, policy enforcement, and VPN-replacement controls within Microsoft's Global Secure Access architecture.
Execute offensive security assessments across the client scope, including external network penetration testing, unauthenticated external URL testing, wireless penetration testing and NAC evasion, external and internal application penetration testing, Microsoft 365 / O365 tenant testing, AWS WorkSpaces assessment, and VPN platform assessments.
Assess enterprise and edge security posture before endpoint rollout, identifying exploitable weaknesses across identity, network, application, remote access, wireless, and cloud control planes.
Validate security of Microsoft Entra Private Access use cases such as IP- and FQDN-based private resource access, per-app access, Quick Access configurations, traffic forwarding, and connector-based private resource publishing.
Partner with client IT teams to support secure deployment of laptops and mobile devices using Microsoft Intune and Microsoft Entra.
Evaluate conditional access, device compliance, identity protection, and endpoint risk integrations that influence access to corporate resources in a Zero Trust model.
Produce clear, defensible findings with severity ratings, technical evidence, business impact, remediation guidance, and executive-ready summaries.
Present results, risks, and recommendations to technical teams and executive business stakeholders in a polished, professional manner.
Advise on remediation priorities and retesting strategy to help ensure the environment is hardened before production deployment of new endpoints.
Travel to client sites as needed to perform onsite wireless, NAC, endpoint, infrastructure, and executive-facing assessment activities.

Skills & Qualifications:

5+ years of hands-on penetration testing, red team, offensive security, or security assessment experience in enterprise environments.
Proven experience performing multi-domain assessments across external networks, internal applications, wireless environments, cloud services, remote access platforms, identity systems, and collaboration tenants.
Strong experience testing Zero Trust / ZTNA environments, ideally including Microsoft Entra Private Access, which is Microsoft's identity-centric secure access service for private apps and resources within Global Secure Access.
Strong practical knowledge of Microsoft Entra, Conditional Access, device-based access controls, role-based administration, and secure access design.
Experience with Microsoft Intune for modern endpoint deployment, enrollment, compliance, configuration, protection, and secure rollout of Windows and mobile devices.
Experience assessing or supporting Microsoft 365 / O365 security, VPN security, AWS-hosted end user environments such as WorkSpaces, and enterprise wireless security controls.
Strong application security testing skills across authenticated and unauthenticated scenarios, multiple user roles, and dynamic web applications.
Strong understanding of secure endpoint architecture and the dependencies required to deploy protected devices at scale, including policy baselines, endpoint connectivity, and risk-based access enforcement.
Excellent written and verbal communication skills, with the ability to translate technical findings into concise business language for executive audiences.
Professional client presence, sound judgment, and the ability to operate effectively in business-professional environments.
Relevant certifications such as OSCP, OSWE, GPEN, GWAPT, GXPN, PNPT, CISSP, or comparable credentials are strongly preferred.
Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related field preferred; equivalent hands-on experience accepted.

For more information or to view other opportunities, visit us at
Paladin Consulting is an EEOC employer.