​This is a remote Penetration Testing Analyst role on the Global Services team, focused on helping clients improve their security posture by performing comprehensive technical testing and delivering tactical reports. The role is heavily focused on hands-on attacking, high-quality report writing, and client communication, including assisting Managed Services teams with triage and incident response.

• ​Location: Remote, United States.
• ​Experience: 3+ years in an active technical security role, with previous technical security consulting experience preferred.
• ​Education/Certification: Bachelor’s degree (Computer Science or related) or equivalent experience. Certifications like GPEN, CPTS, or OSCP are required.
• ​Focus: Performing internal/external network penetration testing, web application and API testing, social engineering, developing executive briefings, and translating complex technical concepts for non-security personnel.

​Primary Responsibilities: Hacking, Reporting, and Client Delivery

​The analyst’s duties span from hands-on exploitation to crucial client-facing reporting and communication.

• ​Technical Testing: Perform technical testing against a variety of targets, including:
  • ​Network penetration testing (internal, external, and wireless).
  • ​Web application and API testing.
  • ​Social engineering (on-premise and electronic).
• ​Advanced Hacking: Enjoy attacking networks and hacking custom protocols implemented in embedded devices.
• ​Reporting & Quality: Consistently produce high-quality reports, perform peer-review of colleagues’ work, and help develop Executive Briefings.
• ​Client Communication: Deliver timely reports to clients and external stakeholders, and be capable of translating technical concepts to non-security personnel.
• ​Managed Services Support: Work with various Managed Services teams to deliver day-to-day tactical reports, triage alerts, address customer needs, and assist with incident response handling and communication.

​Required Skills and Expertise

​The role demands a strong foundation in offensive security tools, network protocols, and multiple programming languages.

• ​Penetration Testing Knowledge: Strong knowledge of modern penetration testing tools and methods.
• ​Security Concepts: Strong knowledge of network, web-based application, and IEEE 802.11 security concepts.
• ​Operating Systems: Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite.
• ​Programming Languages: Experience using interpreted languages (Ruby, Python, PHP, etc.) and knowledge of compiled languages (Java, C, C++, Assembly, etc.).
• ​Consulting: Previous technical security consulting experience.