Associate Network Penetration Testing Engineer
About The Position
The Associate Network Penetration Testing Engineer will support the organization’s penetration testing and security assessment efforts by conducting vulnerability scans, organizing testing activities, and preparing detailed reports for all network penetration testing engagements. This role will work closely with senior penetration testers to document findings, prepare reports, and track remediation efforts. This position is ideal for an early-career cybersecurity professional looking to gain hands-on experience in penetration testing, vulnerability management, and security operations. The engineer will develop foundational skills in offensive security while contributing to improving the organization’s overall security posture.
Requirements
- High school diploma or equivalent
- 1–3 years of experience in cybersecurity, IT, or a related field (internships or labs acceptable)
- Basic understanding of networking concepts (TCP/IP, DNS, firewalls, etc.)
- Familiarity with common security tools (e.g., Nmap, Nessus, Burp Suite)
- Strong written communication skills, with the ability to clearly document technical findings
- Strong organizational skills and attention to detail
- Willingness to learn and grow in penetration testing and cybersecurity
- Ability to work collaboratively in a team environment
Nice To Haves
- Associate’s or Bachelor’s degree in Cybersecurity, Information Technology, or related field
- Exposure to penetration testing concepts (e.g., via labs, coursework, or certifications)
- Familiarity with vulnerability management processes
- Basic understanding of web application or network security concepts
- Entry-level certifications such as Security+, eJPT, or similar
- Exposure to compliance frameworks such as NIST, SOC 2, or HIPAA
Responsibilities
- Document penetration testing activities, including drafting detailed technical reports and executive summaries
- Track and manage findings from penetration tests, and follow-up on remediation efforts
- Support continuous attack surface monitoring and vulnerability tracking under guidance from senior engineers
- Maintain testing documentation, including Rules of Engagement (RoE), test plans, and methodologies
- Produce regular reports for Security Department regarding active threats to Caris technology infrastructure
- Coordinate with internal teams to collect evidence and validate remediation of identified vulnerabilities
- Assist in preparing materials and presentations for stakeholders and business units
- Support vulnerability scanning activities using tools such as Nessus and assist in interpreting results
- Organize and maintain penetration testing artifacts, logs, and evidence
- Participate in basic security assessments and testing activities under supervision
- Assist with compliance and audit-related documentation (e.g., SOC 2, NIST, HIPAA)
- Stay current on cybersecurity trends, tools, and best practices
- Support incident response and investigation efforts as directed
- Perform other administrative and operational tasks to support the security engineering team
- Assist with development of training activities for the Security Department, including tabletop exercises
Benefits
- Training will be provided on job-specific, safety, and compliance topics relevant to the role.
- Occasional after-hours work for incident response.
- Some on-call responsibilities may be assigned in support of technical emergencies.
- Trainings and functions may require intermittent travel, paid by the company.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Education Level
High school or GED
