Associate Penetration Tester - Network Security

The Role

This is an entry-level role for aspiring penetration testers who have a solid foundation in IT/security and are eager to learn from an amazing group of offensive security professionals. Associate Testers work under the guidance of more experienced team members to deliver network and cloud assessments. The focus at this stage is on building core skills, learning methodologies, tools, and reporting standards of the team.

Associates utilize their system administration skills to support the team with vulnerability scanning, configuration assessments, and testing infrastructure improvements while developing the skills necessary to become a penetration tester.

• Understanding of IP addressing, subnetting, gateways, DNS and DHCP
• Basic knowledge of firewalls and how to allow/deny traffic using ports and protocols (TCP/UDP)
• Understanding of vulnerability and configuration management
• Configuring and troubleshooting VPN clients (IPSec, SSL VPN)
• Navigating cloud portals, launching virtual machines, and assigning security groups
• Understanding basic IAM concepts like users, roles, and policies
• Configuring and troubleshooting internal and external DNS zones
• Managing S3 buckets (AWS) or Blob Storage (Azure)
• Understanding access permissions and basic data lifecycle policies
• Using cloud-native tools (e.g., Cloud Watch, Azure Monitor) to track uptime, performance, and security events
• Basic Scripting for Automation

An Associate level pen tester typically has 1–3 years of general IT and/or cyber security experience.

Practical knowledge of networking fundamentals and configuration and vulnerability management. Able to run port scans and network mapping (using tools like Nmap) and identify simple misconfigurations. Familiar with fundamental protocols (TCP/IP, DNS, HTTP, etc.) and aware of common network attack vectors (e.g. open ports, default credentials).

This position is eager to learn and receptive to feedback. Capable of documenting findings and drafting portions of reports, though these will be reviewed by seniors. Beginning to develop communication skills – for example, can explain a discovered vulnerability clearly to the team and is learning to tailor explanations to non-technical audiences. Demonstrates professionalism, ethical conduct, and knows when to ask questions or seek help.

Teamwork is important; junior members are expected to collaborate and take direction well.

While hands-on ability is more important than certificates, many in this role work toward certifications to validate their skills. While certifications can bolster an associate’s credibility, the ability to demonstrate practical skills is the primary requirement.

Evolve Security is a next generation cybersecurity services firm headquartered in Chicago, IL powered by the Darwin Attack® Platform. We are dedicated to improving our client’s security posture by providing Attack Surface Management (ASM), Vulnerability Management as a Service (VMaaS), Continuous Penetration Testing (CPT) and cyber advisory.

In addition to our professional cybersecurity service offerings, Evolve Security offers a cybersecurity bootcamp, “Evolve Academy”, currently ranked the #1 cybersecurity bootcamp in the world. The Cybersecurity Bootcamp in Chicago provides immersive training, giving students the concrete and practical skills, needed on the job. Students gain real work experience through live security assessment work that they perform on not-for-profit companies.

We are passionate about directly improving our customers’ security posture, and we proudly train others to help meet the need for qualified cybersecurity talent.

• Progressive, startup-like culture in a high-growth segment—minimal bureaucracy, rapid impact.
• Engage in a fast-paced and challenging environment with opportunity to grow your talents.
• Immersive cybersecurity and technical training through Evolve Security Academy.
• Competitive compensation, healthcare, 401(k) match, and flexible paid time off.
• Hybrid/remote work with annual vacation reimbursement and parental leave.
• Engaged leadership.