Penetration Tester

Novacoast is seeking a qualified candidate to join our security penetration testing team. The penetration tester’s job will be to perform testing against products and systems in addition to creating security controls in order to protect the customer’s sensitive data. The type of candidate we are looking for should have hands on experience and be able to demonstrate knowledge of a variety of technologies, platforms, and threats. This is a fast-paced position, in a highly technical environment.

Learn more: - working at Novacoast


  • Hands-on experience with testing tools and frameworks such as Nessus, Qualys, Acuetix, Burpsuite, Metasploit
  • Software development, code review, static analysis experience highly desired
  • Experience with Python, Javascript, Ruby
  • Former system/network administration experience a plus
  • 3+ years of penetration testing in consulting environment
  • 3+ years of source code review in a consulting environment
  • Familiar with profiling applications, identifying threats, and developing test cases to target identified threats
  • Familiar with developing proof-of-concept exploit examples to use within reports or live demonstrations
  • Familiar with documenting and communicating results that may be consumed by both developers and management-level audiences
  • Ability to communicate effectively under stressful situations
  • Ability to obtain a security clearance on an as-needed basis
  • Offensive Security Certified Professional (OSCP) and GIAC certifications highly desired


  • Candidate should be able to perform network, application, system, and mobile penetration testing across the product suite
  • Design and conduct proof-of-concept tests to replicate third-party findings and propose solutions to resolve discovered security issues
  • Prepare detailed reports on findings and work closely with development teams to implement security controls; relate findings to real-world risks and provide specific, actionable recommendations for resolution
  • Perform research activities to investigate vulnerabilities and technologies which may impact the product suite, and present findings at industry conferences and tradeshows
  • Proactively develop threat models to assess how attackers may attack the Samsung product suite
  • Assess cryptographic implementations to identity weaknesses in product implementation
  • Design and develop tools and resources to augment and improve the testing process; configure existing tools and resources to perform more effectively
  • Assess and recommend additional tools and technologies as needed
  • Introduce process efficiencies into exiting methodologies and recommend improvements to testing workflows

Positions are available in all 50 states, as well as Canada, Mexico, and the UK.
All resumes submitted are considered confidential.

Apply Today