Penetration Testing Engineer - Network Security jobs in United States
cer-icon
Apply on Employer Site
company-logo

Evolve Security · 8 hours ago

Penetration Testing Engineer - Network Security

positionUnited States
timeFull-time
remoteRemote
seniorityMid Level
date3+ years exp

Evolve Security is a cybersecurity services firm headquartered in Chicago, IL, dedicated to improving clients' security posture. The Penetration Testing Engineer - Network Security is responsible for executing network, cloud, and adversary-emulation engagements, contributing to red and purple team operations, and collaborating with clients to identify and validate security controls.

ComputerEducationInformation TechnologyNetwork SecuritySecurityTraining
check
H1B Sponsor Likelynote

Responsibilities

Execute internal and external network penetration tests, including attack-path discovery and privilege escalation
Perform port scanning, service enumeration, and network mapping using industry-standard tools
Identify and validate misconfigurations, weak authentication, segmentation failures, and trust boundary issues
Assess on-prem and cloud network architectures (AWS, Azure, hybrid environments)
Participate in red team engagements simulating real-world adversaries
Execute TTP-driven attacks aligned to frameworks such as MITRE ATT&CK
Support purple team exercises by collaborating with defensive teams to:
Validate detections
Tune alerts
Measure defensive coverage
Provide clear attacker-perspective feedback to blue teams and security leadership
Support and/or execute social engineering campaigns, including:
Phishing (email-based and credential harvesting)
Vishing and pretexting (as authorized)
Physical security testing support (where in scope)
Assist in campaign planning, execution, and ethical handling of sensitive data
Document social engineering outcomes with clear business and risk context
Draft clear, accurate technical findings with reproduction steps and evidence
Contribute to executive summaries that explain risk, impact, and attack feasibility
Communicate findings effectively to:
Technical teams
Defensive stakeholders
Non-technical leadership
Support remediation validation and re-testing activities
Use and help improve offensive tooling, scripts, and testing infrastructure
Support automation efforts for discovery, enumeration, and validation
Continuously develop skills in network attacks, cloud security, and adversary techniques

Qualification

Penetration testingRed team operationsCloud securityNetwork security assessmentsSocial engineeringTCP/IPPort scanningScriptingCuriosityProfessional judgmentCommunication skills

Required

3-5 years of experience in IT, cybersecurity, or offensive security
Prior exposure to penetration testing, red team activities, SOC collaboration, or adversary emulation
Experience performing internal, external, or cloud network security assessments
Execute internal and external network penetration tests, including attack-path discovery and privilege escalation
Perform port scanning, service enumeration, and network mapping using industry-standard tools
Identify and validate misconfigurations, weak authentication, segmentation failures, and trust boundary issues
Assess on-prem and cloud network architectures (AWS, Azure, hybrid environments)
Participate in red team engagements simulating real-world adversaries
Execute TTP-driven attacks aligned to frameworks such as MITRE ATT&CK
Support purple team exercises by collaborating with defensive teams to validate detections, tune alerts, and measure defensive coverage
Provide clear attacker-perspective feedback to blue teams and security leadership
Support and/or execute social engineering campaigns, including phishing (email-based and credential harvesting), vishing and pretexting (as authorized), and physical security testing support (where in scope)
Assist in campaign planning, execution, and ethical handling of sensitive data
Document social engineering outcomes with clear business and risk context
Draft clear, accurate technical findings with reproduction steps and evidence
Contribute to executive summaries that explain risk, impact, and attack feasibility
Communicate findings effectively to technical teams, defensive stakeholders, and non-technical leadership
Support remediation validation and re-testing activities
Use and help improve offensive tooling, scripts, and testing infrastructure
Support automation efforts for discovery, enumeration, and validation
Continuously develop skills in network attacks, cloud security, and adversary techniques
Strong understanding of TCP/IP, routing, DNS, DHCP
Hands-on experience with port scanning and enumeration (e.g., Nmap)
Familiarity with common network attack vectors: weak credentials, misconfigured services, excessive trust and lateral movement paths
Working knowledge of firewalls, VPNs (IPSec/SSL), and access controls
Basic scripting for automation (Bash, Python, or PowerShell)
Navigating cloud platforms (AWS and/or Azure)
Understanding security groups / NSGs, IAM users, roles, and policies, and storage services (S3, Blob Storage)
Identifying cloud-specific misconfigurations and exposure risk
Demonstrated interest or experience in adversary emulation and red team testing
Purple team collaboration with SOC and detection teams
Social engineering techniques and ethical execution
Translating attacker actions into defensive improvement opportunities
Strong curiosity and desire to continuously improve offensive skills
Ability to accept feedback and iterate on findings and techniques
Professional judgment, ethical conduct, and respect for authorization boundaries
Clear written and verbal communication skills
Ability to collaborate effectively across offensive and defensive teams

Preferred

Network or security fundamentals
Offensive security or red team-oriented certifications
Social engineering or adversary emulation training

Benefits

Healthcare Benefits
401(k) Match
Parental Leave
Flexible Paid Time Off
Annual vacation reimbursement

Company

Evolve Security

twittertwittertwitter
company-logo
Evolve Security is a technical cybersecurity services firm dedicated to improving your security posture where you are most vulnerable.
dateFounded in 2016
location
Chicago, Illinois, USA
people-size51-200 employees
web-link
https://www.evolvesecurity.com/

H1B Sponsorship

Evolve Security has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2022 (1)
2021 (1)

Funding

Current Stage
Growth Stage
Total Funding
unknown
2025-03-11Undisclosed

Leadership Team

leader-logo
Andrew Hamilton
Co-founder, COO
linkedin
leader-logo
Sam Harris
Chief Technology Officer
linkedin

Recent News

Business Wire
Evolve Security to Revolutionize Pen Testing Industry, Expands Executive Team with World-Class Industry Leaders and Completes Funding Round
2025-03-12
Google Patent
Live exploitation feed on penetration testing portal
2025-02-16
Company data provided by crunchbase