Penetration Tester

NinjaOne • Full-time • Remote (Brazil) • 1w ago

About the Role

The Penetration Tester is a key member ofNinjaOne’score security team, with visibility across the entire organization,from individual developers to executive leadership. Taking a multi-layered approach to uncovering weaknesses in software, web applications, and client-side components to drive meaningful security improvements. You will directly strengthen the security of theNinjaOneplatform byidentifyingand helping resolve technical, security, and architectural vulnerabilities across our software applications and environments.

English Resume Required.

What You’ll Be Doing

Perform controlled penetration testing ofNinjaOneapplications, cloud environments, and infrastructure,demonstratingexploitability and documenting risks and remediation steps.

Collaborate with Engineering tovalidatevulnerabilities, communicate impact, and support secure design and remediation efforts.

Develop custom tools or scripts to support penetration testing, automation, and exploit development.

Monitor and triage bug bounty submissions, confirming valid findings and routing them to theappropriate teams.

Stay current on emerging threats, TTPs, and cybersecurity trends, applying them to evaluateNinjaOne’sexposure and guide security initiatives.

Create clear, comprehensive reports and presentations for both technical and executive stakeholders.

Promote security awareness across the organization, contributing to policies, best practices, and ongoing security education.

Other duties as needed

About You

2+ years of hands-on penetration testing experience.

4+ years in a cybersecurity-related role.

Strong understanding of security protocols, cryptography, authentication/authorization, and modern attack techniques.

Security certifications such as OSCP (highly desired) and/or Security+, CISSP, CISM are a plus.

Proficiencywith penetration testing tools such as Burp Suite,Caido, and related frameworks.

Ability to develop custom testing tools or scripts (Java, Kotlin, C++, Python, or Go).

Knowledge of security frameworks and methodologies such as OWASP, NIST, or BSIMM, threat modeling like STRIDE or DREAD, and system hardening standards including CIS and CSA.

Solid understanding of Linux and Windows operating systems, enterprise architecture, TCP/IP and UDP networking fundamentals.

Experience testing or exploiting cloud-native applications; understanding cloud security architecture is a plus.

Strong analytical and problem-solving skills with excellent written and verbal communication

About Us 

NinjaOne automates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 30,000 customers. The NinjaOne automated endpoint management platform is proven to increase productivity, reduce security risk, and lower costs for IT teams and managed service providers. NinjaOne is obsessed with customer success and provides free and unlimited onboarding, training, and support. NinjaOne is #1 on G2 in endpoint management, patch management, remote monitoring and management, and mobile device management.

What You’ll Love 

Our flexible working hours with home office options enable you to successfully balance your personal life and your job. 
Grow personally and together with one of the fastest growing companies globally.
Develop your skills through our renowned training platform.
Receive competitive compensation. 
Collaborate with an amazing international workforce. 

Additional Information
This position is NOT eligible for Visa sponsorship.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.

#LI-MM1

#LI-REMOTE

#BI-REMOTE