Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Penetration Tester image - Rise Careers
Job details

Penetration Tester

Make a difference here.


UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.


By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. 


UltraViolet Cyber (UV Cyber) is seeking an experienced Penetration Tester with a background in Web Applications, Network, and Cloud Security. This individual will play a key role in conducting penetration tests as one of the core capabilities of UltraViolet Cyber and our customers.


The penetration tester will execute simulated attacks against client information technology systems to demonstrate susceptibility to such attacks by an adversary, similar to how an advanced persistent threat (APT) would attempt to breach into an organizations' information systems. Qualified candidates must be able to assess target systems, identify vulnerabilities, safely exploit those vulnerabilities, and effectively communicate the risk to the client.


US Citizenship required, and candidates must be willing to be submitted for a US Government background investigation.


No third-party candidates will be considered


Familiarity with Security Content Automation Protocols (SCAP), Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), or Common Platform Enumeration (CPE)


Understanding US Government Configuration Baseline (USGCB), Security Technical Implementation Guides (STIGs), NSA Guides, National Checklist Program (NCP) or Common Secure configurations


Responsibilities
  • Conduct web application, Application Programming Interface (API), network, and cloud penetration tests.
  • Use common penetration testing and red-team tools, tactics, techniques, and procedures.
  • Analyze Proof of Concept (PoC) exploits to understand the underlying vulnerability and tailor the PoC to be safely used in target space.
  • Automate Red Teaming and Penetration Testing techniques, to efficiently scale offensive operations, using common scripting and programing languages (e.g. Golang, Python, JavaScript, Bash, PowerShell, etc.).
  • Conduct security assessments of cloud environments and application source code review.
  • Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST, PTES).
  • Utilize custom penetration testing tools, frameworks, and infrastructure.
  • Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation.
  • Document and deliver technical reports on detailed findings and vulnerability remediation recommendations.
  • Collaborate with clients throughout an assessment on status and vulnerability information.
  • Evolve our capabilities and toolset


Penetration Testing in three (3) or more of the following:
  • Web Applications
  • External Networks
  • Internal Networks
  • Active Directory
  • Cloud Environments (e.g. AWS, Azure, GCP)


Tools / Services:
  • NMAP
  • BurpSuite
  • CrackMapExec
  • BloodHound
  • Ansible
  • Terraform
  • Git
  • AWS


Minimum Requirements
  • Bachelor’s Degree in Cybersecurity or related field preferred
  • At least 2 years of experience related to conducting penetration tests or red-team assessments .
  • Offensive Security Certified Professional (OSCP) preferred but not required: OSCP experience and knowledge is highly preferred.


What We Offer:
  • 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  
  • Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  
  • Group Term Life, Short-Term Disability, Long-Term Disability  
  • Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  
  • Participation in the Discretionary Time Off (DTO) Program  
  • 11 Paid Holidays Annually 


$100,000 - $130,000 a year

UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.



We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.


UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. 


If you want to make an impact, UltraViolet Cyber is the place for you! 

Average salary estimate

$115000 / YEARLY (est.)
min
max
$100000K
$130000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Penetration Tester, UltraViolet Cyber

Join the innovative team at UltraViolet Cyber as a Penetration Tester! This remote role is perfect for someone passionate about web applications, network, and cloud security. At UltraViolet Cyber, we redefine security operations with our cutting-edge cybersecurity platform designed by experts who have immersed themselves in the field for years. As a Penetration Tester, you will be at the forefront of our mission, conducting essential penetration tests that help our clients, ranging from Fortune 500 enterprises to federal governments, secure their systems against advanced threats. You’ll simulate attacks to identify vulnerabilities and exploit them safely, equipping clients with actionable insights on how to bolster their defenses. Collaboration is key, as you’ll work closely with clients to ensure they understand their risk exposure. Familiarity with various security protocols and tools, such as SCAP, CVE, BurpSuite, and NMAP, will be crucial in helping you assess target systems and communicate findings effectively. If you hold a Bachelor’s Degree in Cybersecurity and have at least two years of related experience, along with a desire to evolve in a diverse and inclusive workplace, we want to hear from you! UltraViolet Cyber offers competitive salaries, great benefits, and a culture that celebrates individuality and innovation. If you're ready to contribute your skills in a meaningful way, this is the opportunity for you!

Frequently Asked Questions (FAQs) for Penetration Tester Role at UltraViolet Cyber
What are the responsibilities of a Penetration Tester at UltraViolet Cyber?

As a Penetration Tester at UltraViolet Cyber, your primary responsibilities will include executing penetration tests on web applications, networks, and cloud environments, as well as assessing the security of Application Programming Interfaces (APIs). You will utilize a variety of tools and methodologies to identify and exploit vulnerabilities, analyze Proof of Concept (PoC) exploits, and automate red teaming techniques. Continuous collaboration with clients will also be vital to ensure they understand their security posture, and you'll document findings along with remediation strategies.

Join Rise to see the full answer
What qualifications are required for the Penetration Tester position at UltraViolet Cyber?

To be considered for the Penetration Tester position at UltraViolet Cyber, candidates should ideally have a Bachelor's Degree in Cybersecurity or a related field, alongside at least two years of related experience conducting penetration tests or red team assessments. While an Offensive Security Certified Professional (OSCP) certification is preferred, it is not mandatory. Familiarity with industry-standard practices such as OWASP, NIST, and PTES is essential.

Join Rise to see the full answer
What tools should a Penetration Tester be familiar with at UltraViolet Cyber?

A Penetration Tester at UltraViolet Cyber should be proficient with several tools and technologies that aid in vulnerability assessment and exploitation. This includes popular tools like NMAP, BurpSuite, and various scripting languages such as Python and Bash. Additionally, experience with cloud services like AWS, GCP, or Azure, and understanding automation frameworks like Ansible and Terraform will be highly beneficial.

Join Rise to see the full answer
How does UltraViolet Cyber support the professional development of its Penetration Testers?

UltraViolet Cyber is committed to the professional growth of its Penetration Testers by providing opportunities for continued education and training. Employees are encouraged to pursue certifications such as OSCP or engage in other professional development activities. The company’s collaborative environment also fosters knowledge sharing among colleagues, enhancing skill development and expertise in the cybersecurity domain.

Join Rise to see the full answer
What is the salary range for a Penetration Tester at UltraViolet Cyber?

The salary range for a Penetration Tester at UltraViolet Cyber typically falls between $100,000 and $130,000 per year. This range is determined based on various factors such as knowledge, skills, experience, and market conditions. The company values diversity and aims to reflect this within its compensation structure, ensuring fair practices in salary placement.

Join Rise to see the full answer
Common Interview Questions for Penetration Tester
Can you explain your penetration testing methodology?

When discussing your penetration testing methodology during an interview, outline the phased approach you typically take, such as reconnaissance, scanning, exploitation, and reporting. Detail how you gather intelligence, identify vulnerabilities, and your thought process when exploiting weaknesses, ensuring to mention any frameworks or standards you follow.

Join Rise to see the full answer
What experience do you have with web application penetration testing?

Share specific examples of web applications you've tested, focusing on the tools you utilized and the types of vulnerabilities you discovered. Highlight your understanding of common web vulnerabilities such as SQL injection and Cross-Site Scripting (XSS), and discuss how you prioritized and communicated these risks to stakeholders.

Join Rise to see the full answer
How do you keep up to date with the latest cybersecurity threats and tools?

Demonstrate your commitment to ongoing learning by mentioning cybersecurity news sources, blogs, or thought leaders you follow. Describe any training, workshops, or communities you engage with, and emphasize the importance of staying informed on emerging threats and advancements in penetration testing tools.

Join Rise to see the full answer
What is your experience with automation in penetration testing?

Discuss how you have used automation to enhance the efficiency of your penetration testing processes. Offer examples of scripts or tools you've developed using languages like Python or Bash to automate repetitive tasks, allowing you to focus on more complex assessments and analyses.

Join Rise to see the full answer
Can you describe a challenging vulnerability you discovered and how you addressed it?

Provide a detailed account of a specific vulnerability you identified, the steps you took to exploit it, and the subsequent recommendations you made for remediation. Emphasize the impact of this vulnerability on the client’s security posture and how your work contributed to their overall risk management strategy.

Join Rise to see the full answer
How do you prioritize risks found during assessments?

Explain your approach to risk assessment, detailing how you consider factors such as the likelihood of exploitation and potential impact on the organization when prioritizing vulnerabilities. Mention any scoring systems you use, like CVSS, and discuss how you communicate these priorities to both technical and non-technical stakeholders.

Join Rise to see the full answer
What penetration testing tools are you most familiar with?

List the penetration testing tools you are most comfortable using, such as BurpSuite, NMAP, or Metasploit. For each tool, briefly describe its primary function and how you have utilized it in previous roles to effectively identify and exploit vulnerabilities.

Join Rise to see the full answer
How do you document and report your findings after a penetration test?

Discuss your documentation process, emphasizing the importance of clear, structured reports that include an overview, detailed findings, and actionable recommendations. Mention how you tailor reports to different audiences, ensuring clarity for both technical teams and executive management.

Join Rise to see the full answer
What ethical considerations do you adhere to when conducting penetration tests?

Highlight your understanding of legal and ethical implications in penetration testing, including the importance of obtaining consent and conducting tests within agreed-upon scope. Emphasize your commitment to responsible disclosure of vulnerabilities and the ethical standards you follow in your work.

Join Rise to see the full answer
Why do you want to work as a Penetration Tester at UltraViolet Cyber?

Articulate your passion for cybersecurity and desire to contribute to UltraViolet Cyber's mission of providing top-notch security solutions. Discuss how the company's innovative approach and commitment to diversity resonate with your professional goals, making it a perfect environment for your growth as a Penetration Tester.

Join Rise to see the full answer
Similar Jobs
Posted 7 days ago
Photo of the Rise User
Posted 4 days ago
Photo of the Rise User
Posted 7 days ago
Disability Insurance
Flexible Spending Account (FSA)
Health Savings Account (HSA)
Vision Insurance
Performance Bonus
Paid Holidays
Photo of the Rise User
HP Inc. Hybrid Fort Lauderdale, Florida, United States
Posted 19 hours ago
Photo of the Rise User
Posted 10 days ago
Photo of the Rise User
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Posted 4 days ago
MATCH
Calculating your matching score...
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
No info
HQ LOCATION
No info
EMPLOYMENT TYPE
Full-time, remote
DATE POSTED
January 2, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
LATEST ACTIVITY
Photo of the Rise User
11 people applied to Director CISO at Elevation Capital
Photo of the Rise User
Someone from OH, Sandusky just viewed Head of IT/Security at Aerones
Photo of the Rise User
Someone from OH, Sandusky just viewed Vice President, Technology at MedVA
I
Someone from OH, Sandusky just viewed IT Manager at Infinite Locus
Photo of the Rise User
Someone from OH, Cincinnati just viewed Finance Associate at Street Diligence
M
Someone from OH, Sandusky just viewed Director of Security, IT, & Compliance at Murmuration
W
Someone from OH, Sandusky just viewed Enterprise Technology Director at World Central Kitchen
Photo of the Rise User
Someone from OH, Sandusky just viewed Director of IT at Kyo
Photo of the Rise User
Someone from OH, North Ridgeville just viewed Remote Manager in Training- CS/Sales at Global Elite
Photo of the Rise User
Someone from OH, Cleveland just viewed Software Engineer I (DevOps) at Mastercard
C
Someone from OH, Warren just viewed Front End Developer (for AI Agent) at CyberCare
I
Someone from OH, Warren just viewed Senior Angular Lead at Integrators services a.s.
Photo of the Rise User
Someone from OH, Warren just viewed SSr. Front End Engineer (Angular.js) at NTD Software
Photo of the Rise User
Someone from OH, Warren just viewed Front-End Developer at Apex Logic
S
Someone from OH, Warren just viewed Angular Developer at Sparkland
Photo of the Rise User
Someone from OH, New Albany just viewed Diversity, Equity & Inclusion Manager at Axios
Photo of the Rise User
Someone from OH, Cincinnati just viewed Customer Service Associate at 2K
Photo of the Rise User
Someone from OH, Marion just viewed Casting: '2' at Backstage
Photo of the Rise User
Someone from OH, Westerville just viewed Junior Videographer at HyperionDev
Photo of the Rise User
Someone from OH, Columbus just viewed Part-time driver | Columbus, OH at Uber
Photo of the Rise User
Someone from OH, Columbus just viewed Operations Manager, Overnight at hims & hers
Photo of the Rise User
Someone from OH, North Ridgeville just viewed Court Security Officer, Juneau, AK at Walden Security