Penetration Tester 2 (Hybrid - Seattle)

About The Position

Requirements

• 2-4 years of hands-on experience in penetration testing, offensive security, ethical hacking, or related security assessment roles
• Working knowledge of common penetration testing tools and frameworks (Cobalt Strike, Metasploit, Burp Suite, Nmap, BloodHound, or similar)
• Understanding of network protocols, operating systems (Windows, Linux, macOS), and cloud platforms (AWS, Azure, GCP)
• Familiarity with Active Directory, authentication mechanisms, and common exploitation techniques
• Experience with scripting languages (Python, Bash, PowerShell)
• Strong analytical and problem-solving skills with attention to detail
• Clear written and verbal communication skills, including ability to translate technical findings for diverse audiences
• Ability to work independently while knowing when to escalate or seek guidance
• Strong organizational skills and ability to manage multiple concurrent assessments
• Commitment to ethical standards and discretion when handling sensitive security information
• Bachelors Degree or Masters in Information Technology, Computer Science, Cybersecurity or related experience required
• Relevant certification(s) (e.g., Pentest+, CEH, GPEN, OSCP)
• Security Testing: Executes penetration tests and validates vulnerabilities
• Security Engineering: Automates testing tasks and supports remediation
• Threat Analysis: Identifies risks and communicates technical findings

Responsibilities

• Independently plan and execute reconnaissance activities across diverse systems and environments.
• Conduct standard penetration tests independently across networks, applications, and cloud environments with moderate support from Senior Analysts.
• Perform authenticated and unauthenticated testing to identify and confirm exploitable vulnerabilities
• Execute exploitation of discovered vulnerabilities and thoroughly document security impact
• Tune scanning and enumeration tools to minimize false positives and validate findings
• Participate in purple team engagements, carrying out scripted simulations, and validating results.
• Document findings with detailed titles, affected assets, scope, and reproducible evidence.
• Provide actionable remediation guidance and safe interim mitigation strategies
• Collaborate with development and infrastructure teams to validate fixes.

Benefits

• Medical/Vision, Dental, Retirement and Paid Time Away
• Life Insurance and Disability
• Merchandise Discount and EAP Resources
• 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more.