Penetration Tester

Penetration Tester

Join to apply for the Penetration Tester role at Ninja One
.

The Penetration Tester is a key member of Ninja One’s core security team, with visibility across the entire organization, from individual developers to executive leadership. A multi‑layered approach is used to uncover weaknesses in software, web applications, and client‑side components to drive meaningful security improvements. You will directly strengthen the security of the Ninja One platform by identifying and helping resolve technical, security, and architectural vulnerabilities across our software applications and environments.

• Perform controlled penetration testing of Ninja One applications, cloud environments, and infrastructure, demonstrating exploitability and documenting risks and remediation steps.
• Collaborate with Engineering to validate vulnerabilities, communicate impact, and support secure design and remediation efforts.
• Develop custom tools or scripts to support penetration testing, automation, and exploit development.
• Monitor and triage bug bounty submissions, confirming valid findings and routing them to the appropriate teams.
• Stay current on emerging threats, TTPs, and cybersecurity trends, applying them to evaluate Ninja One’s exposure and guide security initiatives.
• Create clear, comprehensive reports and presentations for both technical and executive stakeholders.
• Promote security awareness across the organization, contributing to policies, best practices, and ongoing security education.
• Other duties as needed.

• 2+ years of hands‑on penetration testing experience.
• 4+ years in a cybersecurity‑related role.
• Strong understanding of security protocols, cryptography, authentication/authorization, and modern attack techniques.
• Security certifications such as OSCP (highly desired) and/or Security+, CISSP, CISM are a plus.
• Proficiency with penetration testing tools such as Burp Suite, Caido, and related frameworks.
• Ability to develop custom testing tools or scripts (Java, Kotlin, C++, Python, or Go).
• Knowledge of security frameworks and methodologies such as OWASP, NIST, or BSIMM, threat modelling like STRIDE or DREAD, and system hardening standards including CIS and CSA.
• Solid understanding of Linux and Windows operating systems, enterprise architecture, TCP/IP and UDP networking fundamentals.
• Experience testing or exploiting cloud‑native applications; understanding cloud security architecture is a plus.
• Strong analytical and problem‑solving skills with excellent written and verbal communication.

Ninja One automates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 30,000 customers. The automated endpoint management platform is proven to increase productivity, reduce security risk, and lower costs for IT teams and managed service providers. Ninja One is obsessed with customer success and provides free and unlimited onboarding, training, and support.

Ninja One is #1 on G2 in endpoint management, patch management, remote monitoring and management, and mobile device management.

We are a collaborative, kind, and curious community.

We honor your flexibility needs with full‑time hybrid remote work that is flexible.

We have you covered with our comprehensive benefits package, which includes medical, dental, and vision insurance.

We help you prepare for your financial future with our 401(k) plan.

We prioritize your work‑life balance with our unlimited PTO.

We reward your work with opportunities for growth and advancement.

This position is NOT eligible for visa sponsorship. Due to federal government security requirements associated with our FedRAMP‑authorized environment, candidates must be U.S. citizens or lawful permanent residents.

Due to operational policies, Ninja One is unable to hire for this role within the city limits of Chicago. We will consider all qualified candidates who reside outside of the city proper or are willing to self‑relocate.

Starting pay for the successful applicant depends on a variety of job‑related factors, including location, market demands, experience, job‑related knowledge, and skills. For roles based in California, Colorado, Maryland, New Jersey, or Washington, the base salary hiring range for this position is $140,000 to $170,000 per year. For roles based in New York, the base salary hiring range is also $140,000 to $170,000 per year.

The benefits available for this position include medical, dental, vision, 401(k) plan, life insurance coverage, and PTO.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.