Job Title

Penetration Tester (Remote — India)Cybernova Technologies Inc. | Ontario, CanadaCybernova TechnologiesCybernova Technologies is a Canadian IT services and cybersecurity company based in Ontario, Canada. We provide managed IT services, cybersecurity audits, and vulnerability assessments to small and mid-sized businesses across North America. We are building out our cybersecurity practice and looking for a skilled Penetration Tester based in India to join as our first dedicated security team member.This is a ground-floor opportunity. You will be the sole pen tester delivering Network VAPT engagements for our clients. If the results are strong, we plan to scale the team around you.Role OverviewYou will independently plan, execute, and report on Network Vulnerability Assessment and Penetration Testing (VAPT) engagements for our clients. This includes external and internal infrastructure testing, from reconnaissance through exploitation through final report delivery.You will work directly with the Managing Director and be responsible for the full VAPT lifecycle:- Scoping engagements with the project lead- Reconnaissance and information gathering- Vulnerability identification using both automated and manual techniques- Exploitation, privilege escalation, and data exfiltration (where in scope)- Writing detailed technical reports with proof-of-concept screenshots, impact analysis, and remediation recommendations- Retesting after client remediation to confirm fixesKey Responsibilities- Conduct Network VAPT (external and internal) following OSSTMM, PTES, and NIST frameworks- Perform black-box, grey-box, and white-box penetration testing- Identify and exploit vulnerabilities across network devices, servers, firewalls, routers, switches, and endpoints- Test for common network vulnerabilities including but not limited to: SMB misconfigurations, anonymous FTP, default credentials, SNMP weaknesses, SSL/TLS issues (POODLE, Sweet32, RC4), and RPC vulnerabilities- Produce clear, professional reports suitable for both technical and business audiences- Communicate findings and remediation guidance to clients when required- Maintain confidentiality of all client data and engagement detailsRequired Qualifications- 3 to 5 years of hands-on penetration testing experience (not just vulnerability scanning)- CEH (Certified Ethical Hacker) certification — minimum requirement- Proficiency with: Nessus, Nmap, Metasploit, Burp Suite, SMBClient, RPCClient- Strong understanding of TCP/IP, DNS, DHCP, SNMP, SMB, FTP, SSH, and common network protocols- Ability to write detailed technical reports in clear, professional English with proof-of-concept documentation- Experience working independently and managing your own timelinesPreferred Qualifications- OSCP (Offensive Security Certified Professional) — strongly preferred- Experience with web application penetration testing (OWASP Top 10)- Familiarity with cloud security assessments (AWS or Azure)- Experience with compliance frameworks: PIPEDA, SOC 2, ISO 27001, PCI-DSS, NIST CSF- Previous experience working with international clients or remote teamsTools You Should KnowNessus, Nmap, Metasploit Framework, Burp Suite, Wireshark, SMBClient, RPCClient, Advanced IP Scanner, Nikto, Dirb/Gobuster, SQLMap, Hydra, John the RipperWork Arrangement- Remote — based anywhere in India- Monthly retainer (contractor) to start, with transition to full-time based on project volume- Flexible hours with some overlap required during North American Eastern Time business hours for client coordination- Reporting directly to the Managing DirectorWhat We Offer- Be the founding member of our cybersecurity delivery team- Direct involvement in client engagements from day one — no bench time- Clear growth path: as projects scale, you grow into a team lead role- Work with North American clients on real-world security assessments- Competitive compensation based on experienceTo ApplySend your resume along with:1. One sample VAPT report you have authored (redacted for confidentiality)2. List of certifications held3. Your expected monthly compensation (INR)Email: Subject line: Penetration Tester Application — [Your Name]