Penetration Testing Engineer - Network Security

The Penetration Testing Engineer – Network Security is a hands-on client facing offensive security role responsible for executing network, cloud, and adversary-emulation engagements under established methodologies. This role goes beyond point-in-time vulnerability testing and actively contributes to red team and purple team operations, including social engineering, attack-path validation, and defensive collaboration.

Penetration Testing Engineers work closely with senior testers, red team leads, detection engineers, and clients to identify exploitable weaknesses, simulate real-world threat actor behavior, and validate security controls. This role is ideal for practitioners with a strong networking foundation who are ready to operate as adversaries while contributing to high-quality reporting and continuous improvement of testing capabilities.

The Penetration Testing Engineer – Network Security is a hands-on client facing offensive security role responsible for executing network, cloud, and adversary-emulation engagements under established methodologies. This role goes beyond point-in-time v...

Typical Experience

• 3–5 years of experience in IT, cybersecurity, or offensive security
• Prior exposure to penetration testing, red team activities, SOC collaboration, or adversary emulation
• Experience performing internal, external, or cloud network security assessments

Core Responsibilities

Network & Infrastructure Penetration Testing

• Execute internal and external network penetration tests, including attack-path discovery and privilege escalation
• Perform port scanning, service enumeration, and network mapping using industry-standard tools
• Identify and validate misconfigurations, weak authentication, segmentation failures, and trust boundary issues
• Assess on-prem and cloud network architectures (AWS, Azure, hybrid environments)

Red Team & Purple Team Operations (Required)

• Participate in red team engagements simulating real-world adversaries
• Execute TTP-driven attacks aligned to frameworks such as MITRE ATT&CK
• Support purple team exercises by collaborating with defensive teams to:
• Validate detections
• Tune alerts
• Measure defensive coverage
• Provide clear attacker-perspective feedback to blue teams and security leadership

Social Engineering (Required)

• Support and/or execute social engineering campaigns, including:
• Phishing (email-based and credential harvesting)
• Vishing and pretexting (as authorized)
• Physical security testing support (where in scope)
• Assist in campaign planning, execution, and ethical handling of sensitive data
• Document social engineering outcomes with clear business and risk context

Reporting & Communication

• Draft clear, accurate technical findings with reproduction steps and evidence
• Contribute to executive summaries that explain risk, impact, and attack feasibility
• Communicate findings effectively to:
• Technical teams
• Defensive stakeholders
• Non-technical leadership
• Support remediation validation and re-testing activities

Tooling & Continuous Improvement

• Use and help improve offensive tooling, scripts, and testing infrastructure
• Support automation efforts for discovery, enumeration, and validation
• Continuously develop skills in network attacks, cloud security, and adversary techniques

Technical Skills & Knowledge

Required Technical Skills

• Strong understanding of:
• TCP/IP, routing, DNS, DHCP
• Network segmentation and trust boundaries
• Hands-on experience with:
• Port scanning and enumeration (e.g., Nmap)
• Vulnerability identification and validation
• Familiarity with common network attack vectors:
• Weak credentials
• Misconfigured services
• Excessive trust and lateral movement paths
• Working knowledge of firewalls, VPNs (IPSec/SSL), and access controls
• Basic scripting for automation (Bash, Python, or PowerShell)

 

Cloud & Hybrid Environments

• Navigating cloud platforms (AWS and/or Azure)
• Understanding:
• Security groups / NSGs
• IAM users, roles, and policies
• Storage services (S3, Blob Storage)
• Identifying cloud-specific misconfigurations and exposure risk

Red / Purple Team & Social Engineering Requirements

This role requires demonstrated interest or experience in:

• Adversary emulation and red team testing
• Purple team collaboration with SOC and detection teams
• Social engineering techniques and ethical execution
• Translating attacker actions into defensive improvement opportunities

Candidates should be motivated to think like attackers while improving organizational resilience.

Soft Skills & Professional Expectations

• Strong curiosity and desire to continuously improve offensive skills
• Ability to accept feedback and iterate on findings and techniques
• Professional judgment, ethical conduct, and respect for authorization boundaries
• Clear written and verbal communication skills
• Ability to collaborate effectively across offensive and defensive teams

Certifications (Optional but Beneficial)

While hands-on ability is prioritized, certifications that align with this role include:

• Network or security fundamentals
• Offensive security or red team–oriented certifications
• Social engineering or adversary emulation training

The Penetration Testing Engineer – Network Security is a hands-on client facing offensive security role responsible for executing network, cloud, and adversary-emulation engagements under established methodologies. This role goes beyond point-in-time vulnerability testing and actively contributes to red team and purple team operations, including social engineering, attack-path validation, and defensive collaboration.

Penetration Testing Engineers work closely with senior testers, red team leads, detection engineers, and clients to identify exploitable weaknesses, simulate real-world threat actor behavior, and validate security controls. This role is ideal for practitioners with a strong networking foundation who are ready to operate as adversaries while contributing to high-quality reporting and continuous improvement of testing capabilities.

The Penetration Testing Engineer – Network Security is a hands-on client facing offensive security role responsible for executing network, cloud, and adversary-emulation engagements under established methodologies. This role goes beyond point-in-time v...

Typical Experience

• 3–5 years of experience in IT, cybersecurity, or offensive security
• Prior exposure to penetration testing, red team activities, SOC collaboration, or adversary emulation
• Experience performing internal, external, or cloud network security assessments

Core Responsibilities

Network & Infrastructure Penetration Testing

• Execute internal and external network penetration tests, including attack-path discovery and privilege escalation
• Perform port scanning, service enumeration, and network mapping using industry-standard tools
• Identify and validate misconfigurations, weak authentication, segmentation failures, and trust boundary issues
• Assess on-prem and cloud network architectures (AWS, Azure, hybrid environments)

Red Team & Purple Team Operations (Required)

• Participate in red team engagements simulating real-world adversaries
• Execute TTP-driven attacks aligned to frameworks such as MITRE ATT&CK
• Support purple team exercises by collaborating with defensive teams to:
• Validate detections
• Tune alerts
• Measure defensive coverage
• Provide clear attacker-perspective feedback to blue teams and security leadership

Social Engineering (Required)

• Support and/or execute social engineering campaigns, including:
• Phishing (email-based and credential harvesting)
• Vishing and pretexting (as authorized)
• Physical security testing support (where in scope)
• Assist in campaign planning, execution, and ethical handling of sensitive data
• Document social engineering outcomes with clear business and risk context

Reporting & Communication

• Draft clear, accurate technical findings with reproduction steps and evidence
• Contribute to executive summaries that explain risk, impact, and attack feasibility
• Communicate findings effectively to:
• Technical teams
• Defensive stakeholders
• Non-technical leadership
• Support remediation validation and re-testing activities

Tooling & Continuous Improvement

• Use and help improve offensive tooling, scripts, and testing infrastructure
• Support automation efforts for discovery, enumeration, and validation
• Continuously develop skills in network attacks, cloud security, and adversary techniques

Technical Skills & Knowledge

Required Technical Skills

• Strong understanding of:
• TCP/IP, routing, DNS, DHCP
• Network segmentation and trust boundaries
• Hands-on experience with:
• Port scanning and enumeration (e.g., Nmap)
• Vulnerability identification and validation
• Familiarity with common network attack vectors:
• Weak credentials
• Misconfigured services
• Excessive trust and lateral movement paths
• Working knowledge of firewalls, VPNs (IPSec/SSL), and access controls
• Basic scripting for automation (Bash, Python, or PowerShell)

 

Cloud & Hybrid Environments

• Navigating cloud platforms (AWS and/or Azure)
• Understanding:
• Security groups / NSGs
• IAM users, roles, and policies
• Storage services (S3, Blob Storage)
• Identifying cloud-specific misconfigurations and exposure risk

Red / Purple Team & Social Engineering Requirements

This role requires demonstrated interest or experience in:

• Adversary emulation and red team testing
• Purple team collaboration with SOC and detection teams
• Social engineering techniques and ethical execution
• Translating attacker actions into defensive improvement opportunities

Candidates should be motivated to think like attackers while improving organizational resilience.

Soft Skills & Professional Expectations

• Strong curiosity and desire to continuously improve offensive skills
• Ability to accept feedback and iterate on findings and techniques
• Professional judgment, ethical conduct, and respect for authorization boundaries
• Clear written and verbal communication skills
• Ability to collaborate effectively across offensive and defensive teams

Certifications (Optional but Beneficial)

While hands-on ability is prioritized, certifications that align with this role include:

• Network or security fundamentals
• Offensive security or red team–oriented certifications
• Social engineering or adversary emulation training