Job details

Penetration Tester

Make a difference here.

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.

UltraViolet Cyber (UV Cyber) is seeking an experienced Penetration Tester with a background in Web & Mobile Application testing, Network, and Cloud Security related security assessments. This individual will play a key role in conducting penetration tests as one of the core capabilities of UltraViolet Cyber and in support of our growing customers base. We operate as a collaborative team, unified by integrity, passion, and communication.

The Penetration Tester will execute simulated attacks against client information technology systems to demonstrate susceptibility to such attacks by an adversary, similar to how an advanced persistent threat (APT) would attempt to breach into an organizations' information systems. Qualified candidates must be able to assess target systems, identify vulnerabilities, safely exploit those vulnerabilities, and effectively communicate the risk to the client.

US Citizenship required, and candidates must be willing to be submitted for a US Government background investigation.

No third-party candidates will be considered

Familiarity with Security Content Automation Protocols (SCAP), Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), or Common Platform Enumeration (CPE)

Understanding US Government Configuration Baseline (USGCB), Security Technical Implementation Guides (STIGs), NSA Guides, National Checklist Program (NCP) or Common Secure configurations

Work You'll Do:

Conduct mobile application, web application, Application Programming Interface (API), network, and cloud penetration tests.
Use common penetration testing and red-team tools, tactics, techniques, and procedures.
Analyze Proof of Concept (PoC) exploits to understand the underlying vulnerability and tailor the PoC to be safely used in target space.
Automate Red Teaming and Penetration Testing techniques, to efficiently scale offensive operations, using common scripting and programing languages (e.g. Golang, Python, JavaScript, Bash, PowerShell, etc.).
Conduct security assessments of cloud environments and application source code review.
Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST, PTES).
Utilize custom penetration testing tools, frameworks, and infrastructure.
Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation.
Document and deliver technical reports on detailed findings and vulnerability remediation recommendations.
Collaborate with clients throughout an assessment on status and vulnerability information.
Evolve our capabilities and toolset

Penetration Testing in three (3) or more of the following:

Web Applications
External Networks
Internal Networks
Active Directory
Cloud Environments (e.g. AWS, Azure, GCP)

Tools / Services:

NMAP
BurpSuite
CrackMapExec
BloodHound
Ansible
Terraform
Git
AWS

What You Have:

Bachelor’s Degree in Cybersecurity or related field preferred
At least 2 years of experience related to conducting penetration tests or red-team assessments .
Offensive Security Certified Professional (OSCP) preferred but not required: OSCP experience and knowledge is highly preferred.
Experience performing SAST, DAST, and code reviews

$120,000 - $130,000 a year

UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.

We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.

UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.

If you want to make an impact, UltraViolet Cyber is the place for you!

Average salary estimate

$125000 / YEARLY (est.)

min

max

$120000K

$130000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Penetration Tester, UltraViolet Cyber

At UltraViolet Cyber, we are on the front lines of cybersecurity, and we’re looking for a talented Penetration Tester to join our dynamic team in a remote capacity. With our state-of-the-art security-as-code platform, we bridge the gap between technology innovation and human expertise to deliver cutting-edge cybersecurity solutions to Fortune 500 companies, the Federal Government, and commercial clients. As a Penetration Tester, you will conduct simulated cyberattacks on client systems, helping them understand vulnerabilities and prepare against real-world threats. Your role is vital, as you will assess the security posture of web and mobile applications, cloud environments, and networks, using various sophisticated tools and techniques. You'll collaborate closely with clients, turning technical findings into understandable insights while delivering comprehensive reports that outline findings and remediation recommendations. This role not only demands technical prowess but also effective communication and teamwork. If you have a background in conducting penetration tests, familiarity with relevant security protocols, and experience with scripting languages, we’d love to speak with you. This position also requires a US Citizenship and the willingness to undergo a background investigation. Join us at UltraViolet Cyber where passion meets expertise and make a meaningful impact in the world of cybersecurity!

Frequently Asked Questions (FAQs) for Penetration Tester Role at UltraViolet Cyber

What are the responsibilities of a Penetration Tester at UltraViolet Cyber?

As a Penetration Tester at UltraViolet Cyber, your primary responsibilities include conducting various types of penetration tests such as web, mobile, API, cloud, and network assessments. You will evaluate target systems for vulnerabilities, safely exploit them, and analyze Proof of Concept (PoC) exploits. Your work will inform clients of vulnerabilities and risks, and you will also automate testing techniques using various scripting languages for efficient operations.