Job Title: Penetration Tester (Onsite – Internal Network VAPT)
Location: Sterling, Virginia, USA
Engagement Type: Onsite – Short-Term Project (2 Weeks)
Company: Throne Solutions
Job OverviewThrone Solutions is hiring experienced and highly skilled Penetration Testers for an onsite Vulnerability Assessment & Penetration Testing (VAPT) engagement at a client datacenter in Sterling, VA (USA). The scope includes testing across 19 VLANs and over 200 internal IPs, using advanced exploitation techniques, security methodologies, and detailed reporting standards.
Key Responsibilities- Perform onsite internal network VAPT across multiple VLANs and systems.
- Conduct manual exploitation and advanced attacks beyond automated scans.
- Identify and validate realistic attack paths & lateral movement opportunities.
- Capture evidence including logs, screenshots, traffic captures & exploit proof.
- Produce and deliver professional documentation, including:
- Technical vulnerability report (Critical → Low)
- Business & operational impact assessment
- Remediation & hardening recommendations
- Executive summary presentation
- Present results to security, engineering, and executive leadership.
- Follow NDA, RoE, safety, and compliance requirements.
Required Experience- 3–7+ years hands-on penetration testing experience.
- Strong understanding of Active Directory, VLANs, internal networks, endpoint defenses.
- Demonstrated offensive security capability, not only scanning/reporting.
- Experience with PTES, MITRE ATT&CK, OWASP, NIST, or CREST methodologies.
- US travel eligibility required.
Preferred Certifications (Any One or More)- OSCP (Highly preferred)
- OSEP / OSCE
- GPEN
- CEH Practical / CEH Master
- CompTIA PenTest+
- CREST CRT / CCT
- CISSP (advantage for senior/lead role)
Required Tools & Equipment (BYOD)All engineers must bring the following:
Hardware- High-performance laptop supporting virtualization (16–32GB RAM recommended)
- Portable switch
- USB Ethernet adapters (multiple recommended)
- Network cables & conversion adapters
- External SSD + encrypted USB drives
- US-compatible power adapters
Preconfigured Software & Technical ToolsCore Operating Environments
- Kali Linux / Parrot Security OS
- Windows VM configured for analysis & reporting
Scanning & Enumeration
- Nmap / Masscan
- Nessus or OpenVAS (licensed preferred)
Exploitation & Attack Tools
- Metasploit
- Burp Suite Pro (licensed)
- SQLMap
- BloodHound
- Mimikatz
- Impacket toolset
- Responder
Network & Traffic Analysis
- Wireshark
- Sysinternals tools (preferred)
Reporting & Documentation
- Dradis / Serpico or equivalent
- Evidence collection & secure note-taking tools
Additional Requirements
- Valid ID and authorization documents
- NDA-readiness
- VPN client for secure remote coordination
Soft Skills- Strong analytical and investigative mindset
- Excellent report writing & documentation discipline
- Clear professional communication skills
- Ability to work under controlled, high-security environments
Project Information- Duration: ~2 Weeks (onsite only)
- Work Mode: 100% onsite in restricted datacenter
- Schedule: Business hours
- Start: Immediate / earliest availability
