Sora Union is a professional services company specializing in Engineering, Design, and QA projects for businesses, organizations, and governments. The Sora Union team is globally distributed and made up of diverse and talented professionals impacted by or at risk of displacement due to conflict or climate change.
We are looking for a skilled and motivated Penetration QA Engineer to join our growing team. In this role, you will simulate real-world cyberattacks to identify and remediate security vulnerabilities across applications, networks, systems, and cloud environments.
You’ll work closely with security engineers, developers, and IT teams to proactively improve our security posture and protect sensitive data.
Key Responsibilities:
- Plan, execute, and document penetration tests on web apps, APIs, networks, and infrastructure
- Perform vulnerability assessments, threat modeling, and exploit validation
- Create detailed, technical reports and executive summaries with actionable remediation steps
- Collaborate with development and infrastructure teams to fix identified weaknesses
- Conduct red team / blue team exercises as needed
- Stay current with new vulnerabilities, attack techniques, and security tools
- Support compliance and regulatory audits with relevant testing evidence
- Contribute to security awareness and best practice training across teams
Ideally, you’ll have:
- Computer science or math degree with at least 5-7 years in a professional QA role
- 2+ years of experience with Penetration Testing
- Proven experience with penetration testing tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, etc.)
- Strong knowledge of network protocols, web app security, OWASP Top 10, and vulnerability management
- Proficiency in scripting or programming (e.g., Python, Bash, PowerShell)
- Understanding of Linux and Windows environments
The Penetration QA Engineer role is a short term contract position initially reporting to the QA Manager. This role is a distributed position and can be based in any location.
Sora Union is committed to creating and fostering a diverse team. We encourage people from underrepresented backgrounds and all walks of life to apply. We are committed to providing reasonable accommodations to all applicants throughout the application process.
Top Skills
Similar Jobs
.png)
What you need to know about the Boston Tech Scene
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
