Junior Penetration Tester

About the role

The Junior Penetration Tester supports MageByte's offensive security engagements across web applications, networks, cloud environments, and Active Directory infrastructure. Working under the guidance of senior operators, you will assist in planning, executing, and documenting penetration tests, identifying and validating vulnerabilities, and producing clear, actionable reports for technical and non-technical stakeholders. This is a full-time, remote role designed for an early-career tester who already holds a hands-on certification and is ready to grow into a full penetration testing position.

Responsibilities

• Support senior operators across the full engagement lifecycle, including reconnaissance, vulnerability identification, supervised exploitation, and post-exploitation
• Conduct web application testing against the OWASP Top 10 and assist with assessments of networks, cloud environments, and Active Directory infrastructure
• Identify vulnerabilities, validate their exploitability, and collect supporting evidence
• Prepare clear, risk-ranked findings reports with reproducible proof of concept and actionable remediation guidance

Interested in remote work opportunities in QA & Testing? Discover QA & Testing Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Follow defined methodologies and rules of engagement on every assessment
• Develop and maintain skills in internal labs, and contribute to research, tooling, and workflow improvements
• Collaborate across a distributed team and re-test remediated findings as needed

Requirements

• OSCP certification (required)
• Strong foundational knowledge of cybersecurity principles, including common attack vectors, defensive controls, and security best practices
• Familiarity with application security concepts, including the OWASP Top 10 and common web application testing techniques

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Proficiency with core offensive security tools such as Burp Suite, Nmap, and Metasploit, and comfort working in Linux environments such as Kali or Parrot
• Scripting ability in Python, Bash, or PowerShell to support automation and custom tooling
• Strong technical writing and documentation skills, including findings, impact, and remediation
• Demonstrated curiosity and self-directed learning through labs, CTFs, bug bounties, open-source contributions, or home lab projects
• A Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience
• Eligibility to work remotely within the United States

MageByte is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable law.