Penetration Tester

Ova Technologies

$90K — $130K *
US-AnywhereRemote in New York, NY
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related field
  • 3-7 years of experience in Penetration Testing or Cybersecurity
  • Professional certifications highly preferred (CEH, OSCP, GPEN, PNPT, CISSP)
  • Hands-on experience with application, network, and cloud security assessments
  • Strong understanding of cybersecurity principles and attack methodologies

Responsibilities

  • Conduct penetration tests on a variety of environments including web applications and networks
  • Perform vulnerability assessments to identify and analyze weaknesses
  • Simulate real-world attack scenarios to evaluate defenses
  • Provide detailed reports with risk ratings and remediation recommendations
  • Assist development teams in implementing security best practices
  • Stay informed about emerging threats and attack techniques
  • Support red team exercises and security awareness initiatives

Benefits

  • Remote, hybrid, or on-site work options
  • Opportunities for professional development and certifications
  • Collaborative work environment
  • Access to cutting-edge security tools and technologies
  • Engagement in innovative cybersecurity research projects
Full Job Description
Job Title:

Penetration Tester (Ethical Hacker)

Job Summary:

We are seeking a skilled Penetration Tester to identify, assess, and help remediate security vulnerabilities across applications, networks, cloud environments, and enterprise systems. The ideal candidate will perform authorized security assessments, simulate real-world cyberattacks, and provide actionable recommendations to strengthen the organization's security posture. This role requires a deep understanding of offensive security techniques, vulnerability management, and security best practices.

Key Responsibilities:
  • Conduct penetration tests on web applications, APIs, mobile applications, networks, cloud environments, and infrastructure.
  • Perform vulnerability assessments and security audits to identify weaknesses.
  • Simulate real-world attack scenarios to evaluate security controls and defenses.
  • Analyze findings and provide detailed reports with risk ratings and remediation recommendations.
  • Validate vulnerability fixes through retesting activities.
  • Conduct security reviews of system architectures and application designs.
  • Assist development and infrastructure teams in implementing security best practices.
  • Perform reconnaissance, threat modeling, and attack surface analysis.
  • Stay informed about emerging threats, vulnerabilities, and attack techniques.
  • Support red team exercises and security awareness initiatives.
  • Ensure testing activities comply with legal, regulatory, and organizational requirements.

Required Skills:
  • Strong understanding of cybersecurity principles and attack methodologies.
  • Experience with web application, network, and cloud security testing.
  • Knowledge of common vulnerabilities such as OWASP Top 10 and MITRE Telecommunication&CK.
  • Strong analytical and problem-solving skills.
  • Ability to communicate technical findings to both technical and non-technical stakeholders.
  • Experience writing professional penetration testing reports.

Technical Skills:
  • Security Testing Tools: Burp Suite, OWASP ZAP, Nessus, Nmap, Metasploit
  • Web Application Security Testing
  • API Security Testing
  • Mobile Security Testing (Android/iOS)
  • Network Security Assessment
  • Cloud Security (AWS, Azure, GCP)
  • Operating Systems: Linux, Windows
  • Scripting Languages: Python, PowerShell, Bash
  • Vulnerability Management Tools: Qualys, Rapid7, Tenable
  • Security Frameworks: OWASP, NIST, CIS Controls, MITRE Telecommunication&CK

Qualifications:
  • Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
  • Professional certifications are highly preferred:
    • CEH (Certified Ethical Hacker)
    • OSCP (Offensive Security Certified Professional)
    • GPEN (GIAC Penetration Tester)
    • PNPT (Practical Network Penetration Tester)
    • CISSP (Preferred)

Experience:
  • 3-7 years of experience in Penetration Testing, Ethical Hacking, Red Teaming, or Cybersecurity.
  • Hands-on experience conducting application, network, and cloud security assessments.
  • Experience using industry-standard penetration testing tools and methodologies.
  • Familiarity with Agile, DevSecOps, and Secure SDLC practices.

Preferred Qualifications:
  • Experience with Red Team and Purple Team engagements.
  • Knowledge of Active Directory security and privilege escalation techniques.
  • Experience with container and Kubernetes security assessments.
  • Understanding of cloud-native security controls and architecture.
  • Experience performing source code security reviews and secure coding assessments.

Preferred Qualities:
  • Strong investigative and analytical mindset.
  • High attention to detail and commitment to ethical standards.
  • Excellent report writing and presentation skills.
  • Ability to work independently and collaboratively.
  • Passion for cybersecurity research and continuous learning.

Employment Type:

Full-Time

Location:

Remote / Hybrid / On-site

Nice to Have:
  • Experience with bug bounty programs and responsible disclosure processes.
  • Knowledge of Security Operations Center (SOC) workflows and incident response.
  • Familiarity with threat intelligence platforms and threat hunting.
  • Experience testing enterprise SaaS, FinTech, Healthcare, Government, or Cloud-native applications.
  • Contributions to cybersecurity research, security blogs, open-source tools, or conference presentations.

Similar Jobs

More Jobs at Ova Technologies

  • Video Analytics Engineer
    $90K — $130K *
    New York, NY 10025 (New York County)
    Information Technology
    In-Person
  • Video Analytics Engineer
    $90K — $130K *
    Remote
    Information Technology
    Remote in New York, NY
  • Penetration Tester
    $90K — $130K *
    New York, NY 10025 (New York County)
    Information Technology
    In-Person
  • Penetration Tester
    $90K — $130K *
    Remote
    Information Technology
    Remote in New York, NY
  • MLOps Engineer
    $120K — $150K *
    Remote
    Information Technology
    Remote in New York, NY

More Information Technology Jobs

Find similar Penetration Tester jobs: