Why Join Netragard?

Netragard is seeking a junior penetration tester who can support senior testers, learn quickly, and grow into independently running advanced assessments. The ideal candidate is curious, detail-oriented, and comfortable working in a fast-paced, client-facing consulting environment.

Role overview

Netragard’s junior penetration testers help deliver high-quality security assessments across external and internal infrastructure, web applications, APIs, and cloud environments under the guidance of senior testers. You will contribute to engagements that emphasis manual, research-driven techniques over scanner-only approaches.

Key responsibilities

• Perform supervised penetration testing of networks, applications, and cloud environments using a mix of commercial, open-source, and Netragard-native tooling.
• Execute reconnaissance, enumeration, exploitation, basic privilege escalation, and lateral movement steps following internal procedures and senior tester direction.
• Identify, document, and validate security vulnerabilities, misconfigurations, and insecure patterns, focusing on clear risk articulation and reproducible steps.
• Draft portions of client deliverables, including technical findings, proof-of-concept details, and remediation recommendations, to be reviewed by senior staff.
• Participate in debrief calls and internal review sessions, capturing client questions, improvement areas, and lessons learned for future engagements.
• Contribute to internal research, lab projects, and methodology improvements.
• Maintain strong operational security, protect client data carefully, and adhere to Netragard policies and legal/ethical guidelines at all times.

Required qualifications

• 1–2 years of hands-on technical experience in information security, system administration, development, or a closely related field (professional, lab, or project-based).
• Solid understanding of TCP/IP networking, common services (HTTP/S, DNS, SMTP, VPN, etc.), and typical enterprise architectures.
• Familiarity with common attack classes such as injection flaws, authentication/authorization issues, insecure configurations, and basic Active Directory weaknesses.
• Practical exposure to penetration testing tools and frameworks (for example Burp Suite, Nmap, Metasploit, password crackers, and common reconnaissance utilities).
• Ability to write clear, concise technical notes and translate them into structured report content with guidance.
• Strong problem-solving mindset, willingness to ask questions, and comfort receiving and integrating feedback from senior testers.

Preferred qualifications

• Prior experience supporting penetration testing, red team, CTF, bug bounty, or security research activities (professional, academic, or self-directed).
• Exposure to at least one scripting or programming language (such as Python, PowerShell, or Bash) for task automation or simple tooling.
• Familiarity with one or more cloud platforms (AWS, Azure, GCP) and their common security controls and misconfigurations.
• Progress toward or possession of relevant certifications such as eJPT, CompTIA Pentest+, eWPT, or similar junior-level penetration testing credentials.

Benefits

• Salary $60,000 – $75,000 commensurate on experience
• Health, dental, vision Insurance
• Holidays and paid time off
• 401K

Additional Information

• Boston/Remote
• Hours: 9AM – 5PM Eastern Time
• Applicants must be currently authorized to work in the United States on a full-time basis. We are unable to provide visa sponsorship at this time.

NB: No recruitment agencies.

About the Role

Netragard is currently seeking a Cloud Penetration Tester on a Part-Time/Contractor basis to join our team of passionate cybersecurity professionals.

This role involves performing in-depth cloud configuration assessments and penetration tests across cloud platforms. A typical engagement will evaluate current environments, identify security and compliance gaps, and provide actionable recommendations to strengthen governance and lower risk.

We are looking for an equally passionate individual who thinks differently about problems and looks for new angles in challenging situations.

Location:

Boston/Remote

Responsibilities

• Conduct technical configuration assessments for cloud platforms such as Azure, Microsoft 365, Google Cloud Platform (GCP), Google Workspace, and Amazon Web Services (AWS).  *If you specialize in one of these platforms, we still encourage you to apply – expertise in a single environment is just as valuable to our team.
• Review and benchmark existing configurations against industry best practices.
• Identify misconfigurations, excessive permissions, and compliance risks.
• Prepare detailed assessment reports with prioritized recommendations for remediation.
• Collaborate with client IT, security, and compliance teams to validate findings and guide remediation efforts.
• Provide advisory input for cloud governance and secure architecture improvements.
• Maintain awareness of emerging cloud services, risks, and compliance requirements.

You must have the following skills and experience:

• Proven experience performing cloud security or configuration assessments across any of the following platforms (Azure, M365, GCP, Google Workspace, AWS).
• Strong understanding of IAM, networking, data protection, and compliance principles in cloud environments.
• Excellent written communication skills with the ability to produce clear, actionable reports.
• Certifications such as Azure Security Engineer, AWS Solutions Architect, Google Professional Cloud Security Engineer, Pwned Labs MCRTP, PLACRTP, GCRTP, M-CRTP3, Altered Security CARTP, CARTE, or equivalent are highly desirable.
• Good written and verbal communication skills (in English)
• Report writing experience

Nice to have:

• Contribution to open-source projects (i.e., send us your GitHub)
• Security related blog
• Cybersecurity conference presentations
• Participation and/or write-ups of CTFs
• Bug Bounty profile

NB: No recruitment agencies.

About the Role

Netragard is currently seeking a Senior Penetration Tester on a Part-Time/Contractor basis to join our team of passionate cybersecurity professionals.

This role involves performing manual penetration testing of our customers’ information technology systems including their external/internal infrastructure, web, and mobile applications, etc.

We are looking for an equally passionate individual who thinks differently about problems and looks for new angles in challenging situations.

Location:

Boston/Remote

Responsibilities

• Conduct manual penetration testing for a variety of systems, such as, web, mobile, API, and infrastructure (internal, external, and wireless)
• Plan and execute social engineering campaigns and physical penetration tests
• Identify, understand, and exploit vulnerabilities to gain and expand access to remote systems
• Document and communicate technical findings verbally and in a written format to the appropriate stakeholders/teams.
• Assist in retesting security vulnerabilities that have been remediated and updating the report with remediation test findings.
• Provide remediation recommendations
• Assist with building, hardening, and maintaining systems used for testing
• Stay up to date on cutting edge security topics and new attack vectors
• Assist with pre-sales scoping to prospective clients
• Review reports for depth and accuracy
• Communicate with customers throughout testing engagement
• Act as a source of direction, training, and guidance for less experienced staff
• Conduct research and publish articles on the latest cybersecurity news

You must have the following skills and experience:

• 5+ years of experience performing penetration tests
• 5+ years of experience consulting
• 1+ Industry leading qualification (OSCP/OSWE/OSCE, CRTO, CISSP, CREST, PNPT, etc.)
• Good written and verbal communication skills (in English)
• Report writing experience

Nice to have:

• Contribution to open-source projects (i.e., send us your GitHub)
• Security related blog
• Cybersecurity conference presentations
• Participation and/or write-ups of CTFs
• Bug Bounty profile

NB: No recruitment agencies.