Penetration Tester

Job Title: Junior Penetration TesterLocation: RemoteDuration: 6-12 monthsJob Summary:Role PurposeThe Junior Penetration Tester is an execution-focused role responsible for performing authorized security testing activities under defined methodologies and senior supervision. The role emphasizes technical fundamentals, repeatable testing discipline, and high-quality evidence capture in support of client penetration testing engagements.This role is designed to build strong delivery hygiene and prepare the individual for independent test ownership at the next grade.ResponsibilitiesDelivery ExecutionExecute scoped penetration testing tasks under supervision across:External and internal network assessmentsWeb application and API testingEntry-level cloud security testing (AWS, Azure, GCP)Perform reconnaissance, enumeration, vulnerability validation, and limited exploitation in strict accordance with approved Rules of Engagement.Validate automated scanner output and eliminate false positives through manual testing.Evidence & Reporting SupportCapture defensible evidence including:Reproduction stepsScreenshots and command outputClear attack narrativesDraft technical vulnerability content for reports, including:Root cause analysisImpact explanationRemediation guidance aligned to best practiceMaintain detailed working notes suitable for audit, peer review, and retesting.Operational DisciplineAdhere strictly to ethical testing principles, authorization boundaries, and client confidentiality.Follow defined testing playbooks, escalation paths, and quality standards.Participate in post-engagement lessons learned and internal quality reviews.Learning & DevelopmentActively develop technical capability through labs, internal training, and supervised client work.Progress toward independently executing complete test components.Required Skills & ExperienceTechnical FoundationStrong understanding of:TCP/IP, DNS, HTTP/SLinux and Windows fundamentalsCommon vulnerability classes (OWASP Top 10)Hands-on familiarity with:Burp SuiteNmapVulnerability scanners (e.g., Nessus, Qualys)Basic scripting capability (Python, Bash, or PowerShell).Experience2 3 years in penetration testing, security testing, or a closely related security role.Demonstrable hands-on exposure via labs, CTFs, bug bounties, or academic projects.Certifications (Preferred)CompTIA Security+Burp Suite Certified Practitioner (Associate)Progressing toward CREST CRT