Network Penetration Tester

Location: Fully Remote (but local to Austin, TX area highly preferred)

Experience Level: 7+ Years

Job Type: Full-Time

About the Role

We’re looking for a Network Penetration Tester to break what others build. In this role, you’ll probe enterprise networks, cloud environments, and infrastructure to uncover vulnerabilities before attackers do. You’ll emulate real-world adversaries, exploit weaknesses, and deliver sharp insights that help strengthen our defenses. If you thrive on uncovering hidden paths, privilege escalation tricks, and cracking hardened perimeters, we want you on our team.

Key Responsibilities

  • Lead and execute advanced internal and external network penetration tests across diverse on-premises and multi-cloud environments (AWS, Azure, GCP).

  • Perform in-depth vulnerability assessments and sophisticated manual exploitation of identified weaknesses, demonstrating deep understanding of attack vectors.

  • Thoroughly test and analyze the security of firewalls, VPNs, routers, switches, wireless networks, and other critical infrastructure components, identifying configuration flaws and bypasses.

  • Design and simulate complex lateral movement, privilege escalation, and post-exploitation techniques within intricate enterprise environments, mimicking advanced persistent threats.

  • Conduct comprehensive Active Directory and identity security assessments, uncovering advanced attack paths and misconfigurations.

  • Develop, customize, and execute highly realistic threat scenarios that accurately reflect contemporary attacker TTPs (Tactics, Techniques, and Procedures) as defined by frameworks like MITRE ATT&CK.

  • Prepare detailed, executive-level reports and highly technical remediation guidance, effectively communicating complex findings and strategic recommendations to both technical and non-technical stakeholders.

  • Collaborate extensively with application security, dedicated red team, and SOC/Blue teams to ensure holistic, integrated security assessments and incident response readiness.

  • Continuously research and integrate the latest exploits, cutting-edge attack vectors, and advanced offensive security tools and methodologies into testing practices.

Required Qualifications

  • Minimum of 7+ years of hands-on experience in advanced penetration testing, red teaming, or offensive security roles, demonstrating a proven track record of successfully identifying and exploiting complex vulnerabilities.

  • Exceptional foundational knowledge of network protocols (TCP/IP, UDP, DNS, HTTP/S), operating systems (Windows, Linux, macOS internals), and enterprise-grade cloud networking architectures (AWS VPCs, Azure VNets, GCP VPCs).

  • Expert-level proficiency with a comprehensive suite of industry-standard penetration testing tools, including but not limited to: Nmap, Nessus, Burp Suite Professional, Metasploit Framework, BloodHound, Cobalt Strike, Covenant, Empire, and various open-source offensive toolkits.

  • Extensive practical experience in conducting sophisticated Active Directory assessments, encompassing a deep understanding of common attack vectors such as Kerberoasting, Pass-the-Hash/Ticket, Golden/Silver Ticket attacks, GPO abuses, and advanced persistent threat methodologies.

  • Demonstrated expertise in wireless security testing, including WEP/WPA/WPA2 cracking, rogue AP detection, and identifying common misconfigurations in enterprise wireless environments.

  • Profound understanding and practical application of exploitation techniques, advanced privilege escalation methods (both Windows and Linux), persistence mechanisms, and evasion strategies to bypass modern security controls.

  • Comprehensive working knowledge and practical application of industry security frameworks and methodologies, including MITRE ATT&CK, NIST Cybersecurity Framework, CIS Controls, and OWASP Top 10.

  • Superior reporting and documentation skills, with the ability to articulate highly technical findings, their real-world impact, and strategic, actionable remediation recommendations to both highly technical teams and executive-level stakeholders.

Preferred Qualifications

  • Industry certifications: OSCP, OSCE, PNPT, GPEN, GXPN, CRTP, CEH.

  • Experience with cloud penetration testing (AWS IAM misconfigs, Azure AD attacks).

  • Scripting/automation in Python, PowerShell, or Bash.

  • Prior consulting or client-facing security assessment experience.

Why Join Us?

  • Fully remote with flexible working hours.

  • Competitive salary and bonus incentives.

  • Continuous training and certification reimbursement.

  • Work on diverse projects across multiple industries.

  • Collaborative and innovative security team culture.

Direct Applicants Only – No Staffing Agencies or Third-Party Recruiters

We are not accepting solicitations from staffing agencies, recruiting firms, or third-party vendors for this position. Any unsolicited resumes or candidate submissions from such entities will not be considered, and we will not be responsible for any associated fees.

Thank you for respecting this policy.