Entry-Level Penetration Tester (Ethical Hacking)
Basic Qualifications: Bachelors degree in Cybersecurity, Information Security, Computer Science, or related field or a High School diploma and 4 years of experience. Must be a U.S. Citizen with the ability to pass a Background Investigation. Must have a least one of the following certifications: Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) Practical Network Penetration Tester (PNPT) Basic knowledge of penetration testing tools such as Nmap, Metasploit, Burp Suite, Wireshark, and Kali Linux. Understanding of network security, web application security, and vulnerability management. Familiarity with scripting languages (Python, Bash, or PowerShell) for automation and exploitation. Knowledge of social engineering techniques and common attack vectors. Understanding of OWASP Top 10 and MITRE ATT&CK framework. Strong technical writing skills for documenting findings and creating penetration test reports. Preferred Qualifications: Hands-on experience in a penetration testing lab environment or real-world testing projects. Knowledge of Active Directory security and lateral movement techniques. Familiarity with cloud security (AWS, Azure, or GCP) and API security testing. Experience using security assessment tools for automated and manual testing. Understanding of regulatory frameworks (NIST 800-53, CIS, PCI-DSS, etc.). Peraton is seeking an Entry-Level Cybersecurity Ethical Hacker to join our penetration testing team. This role will be part of a highly skilled group responsible for testing the security posture of critical systems, applications, and infrastructure for our customers. The successful candidate will assist in identifying vulnerabilities, simulating cyberattacks, and helping develop strategies to mitigate security risks. This position is ideal for those who have foundational knowledge in ethical hacking and penetration testing and have obtained relevant cybersecurity certifications. This is an entry-level position, and candidates must meet the basic requirements to qualify. Only applicants who fulfill the minimum qualifications will be considered. Day to Day Work Responsibilities: Perform network and application penetration testing to identify vulnerabilities and assess security risks. Conduct web and API security assessments to evaluate and strengthen application security. Perform attack surface analysis to identify potential entry points for adversaries and prioritizing testing efforts. Simulat lateral movement and persistence techniques to evaluate internal security controls. Execute social engineering engagements, including phishing, vishing, and physical security assessments. Assess the security of enterprise environments, including network infrastructure, cloud services, and endpoints. Review security controls and encryption implementations for critical business systems. Support incident response planning and security investigations by analyzing attack methods and recommending mitigations. Document findings, developing remediation recommendations, and presenting reports to stakeholders. Stay up to date with the latest cybersecurity threats, attack techniques, and security research. Apply Job!