The Senior Penetration Tester will conduct penetration tests for web applications, networks, and cloud environments, identify vulnerabilities, and communicate risks to clients.
Make a difference here.
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.
By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.
UltraViolet Cyber (UV Cyber) is seeking an experienced Penetration Tester with a background in Web Applications, Network, and Cloud Security. This individual will play a key role in conducting penetration tests as one of the core capabilities of UltraViolet Cyber and our customers.
The penetration tester will execute simulated attacks against client information technology systems to demonstrate susceptibility to such attacks by an adversary, similar to how an advanced persistent threat (APT) would attempt to breach into an organizations' information systems. Qualified candidates must be able to assess target systems, identify vulnerabilities, safely exploit those vulnerabilities, and effectively communicate the risk to the client.
US Citizenship required, and candidates must be willing to be submitted for a US Government background investigation.
No third-party candidates will be considered
Familiarity with Security Content Automation Protocols (SCAP), Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), or Common Platform Enumeration (CPE)
Understanding US Government Configuration Baseline (USGCB), Security Technical Implementation Guides (STIGs), NSA Guides, National Checklist Program (NCP) or Common Secure configurations
Responsibilities
- Conduct web application, Application Programming Interface (API), network, and cloud penetration tests.
- Use common penetration testing and red-team tools, tactics, techniques, and procedures.
- Analyze Proof of Concept (PoC) exploits to understand the underlying vulnerability and tailor the PoC to be safely used in target space.
- Automate Red Teaming and Penetration Testing techniques, to efficiently scale offensive operations, using common scripting and programing languages (e.g. Golang, Python, JavaScript, Bash, PowerShell, etc.).
- Conduct security assessments of cloud environments and application source code review.
- Conduct penetration tests in accordance with standard methodologies (i.e. OWASP, NIST, PTES).
- Utilize custom penetration testing tools, frameworks, and infrastructure.
- Assess risk of discovered vulnerabilities based on likelihood and severity of exploitation.
- Document and deliver technical reports on detailed findings and vulnerability remediation recommendations.
- Collaborate with clients throughout an assessment on status and vulnerability information.
- Evolve our capabilities and toolset
Penetration Testing in three (3) or more of the following:
- Web Applications
- External Networks
- Internal Networks
- Active Directory
- Cloud Environments (e.g. AWS, Azure, GCP)
Tools / Services:
- NMAP
- BurpSuite
- CrackMapExec
- BloodHound
- Ansible
- Terraform
- Git
- AWS
Minimum Requirements
- Bachelor’s Degree in Cybersecurity or related field preferred
- At least 2 years of experience related to conducting penetration tests or red-team assessments .
- Offensive Security Certified Professional (OSCP) preferred but not required: OSCP experience and knowledge is highly preferred.
What We Offer:
- 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
- Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
- Group Term Life, Short-Term Disability, Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually
UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.
We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.
UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.
If you want to make an impact, UltraViolet Cyber is the place for you!
Top Skills
Ansible
AWS
Azure
Bash
Bloodhound
Burpsuite
Cloud Security
Crackmapexec
GCP
Git
Go
JavaScript
Nmap
Powershell
Python
Terraform
Web Applications
Similar Jobs
Professional Services • Business Intelligence
Conduct manual penetration testing, perform cyber security assessments, document vulnerabilities, and communicate remediation strategies. Drive innovation within the team.
Top Skills:
BashBurp SuiteC2 FrameworksDradisEvilginxGhostwriterGoGophishHashcatHTMLImpacketJavaScriptMetasploitNessusNmapNucleiPowershellPythonReact
Cloud • Security • Cybersecurity
The Senior Consultant leads application security engagements, performs penetration testing, contextualizes vulnerabilities, mentors teammates, and supports clients in improving security posture.
Top Skills:
APIsApplication Penetration TestingCloud TestingMobile Application TestingProgramming LanguagesSecurity PrinciplesWeb Application Testing
Computer Vision • Information Technology
Conduct penetration testing on web applications and networks, discover vulnerabilities, simulate adversary tactics, and contribute to automation efforts.
Top Skills:
AnsibleAWSAzureBashBurp Suite ProC#CobaltstrikeGitlabMetasploitNessusPowershellPythonRubyTerraform
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
