Job Description

At Caris, we understand that cancer is an ugly word—a word no one wants to hear, but one that connects us all. That’s why we’re not just transforming cancer care—we’re changing lives.

We introduced precision medicine to the world and built an industry around the idea that every patient deserves answers as unique as their DNA. Backed by cutting-edge molecular science and AI, we ask ourselves every day: “What would I do if this patient were my mom?”That question drives everything we do.

But our mission doesn’t stop with cancer. We're pushing the frontiers of medicine and leading a revolution in healthcare—driven by innovation, compassion, and purpose.

Join us in our mission to improve the human condition across multiple diseases. If you're passionate about meaningful work and want to be part of something bigger than yourself, Caris is where your impact begins.

The Associate Network Penetration Testing Engineer will support the organization’s penetration testing and security assessment efforts by conducting vulnerability scans, organizing testing activities, and preparing detailed reports for all network penetration testing engagements. This role will work closely with senior penetration testers to document findings, prepare reports, and track remediation efforts. This position is ideal for an early-career cybersecurity professional looking to gain hands-on experience in penetration testing, vulnerability management, and security operations. The engineer will develop foundational skills in offensive security while contributing to improving the organization’s overall security posture.

Job Responsibilities

• Document penetration testing activities, including drafting detailed technical reports and executive summaries
• Track and manage findings from penetration tests, and follow-up on remediation efforts
• Support continuous attack surface monitoring and vulnerability tracking under guidance from senior engineers
• Maintain testing documentation, including Rules of Engagement (RoE), test plans, and methodologies
• Produce regular reports for Security Department regarding active threats to Caris technology infrastructure
• Coordinate with internal teams to collect evidence and validate remediation of identified vulnerabilities
• Assist in preparing materials and presentations for stakeholders and business units
• Support vulnerability scanning activities using tools such as Nessus and assist in interpreting results
• Organize and maintain penetration testing artifacts, logs, and evidence
• Participate in basic security assessments and testing activities under supervision
• Assist with compliance and audit-related documentation (e.g., SOC 2, NIST, HIPAA)
• Stay current on cybersecurity trends, tools, and best practices
• Support incident response and investigation efforts as directed
• Perform other administrative and operational tasks to support the security engineering team
• Assist with development of training activities for the Security Department, including tabletop exercises

Required Qualifications

• High school diploma or equivalent
• 1–3 years of experience in cybersecurity, IT, or a related field (internships or labs acceptable)
• Basic understanding of networking concepts (TCP/IP, DNS, firewalls, etc.)
• Familiarity with common security tools (e.g., Nmap, Nessus, Burp Suite)
• Strong written communication skills, with the ability to clearly document technical findings
• Strong organizational skills and attention to detail
• Willingness to learn and grow in penetration testing and cybersecurity
• Ability to work collaboratively in a team environment

Preferred Qualifications

• Associate’s or Bachelor’s degree in Cybersecurity, Information Technology, or related field
• Exposure to penetration testing concepts (e.g., via labs, coursework, or certifications)
• Familiarity with vulnerability management processes
• Basic understanding of web application or network security concepts
• Entry-level certifications such as Security+, eJPT, or similar
• Exposure to compliance frameworks such as NIST, SOC 2, or HIPAATraining
• Training will be provided on job-specific, safety, and compliance topics relevant to the role.

Physical Demands

• Must possess ability to sit, stand, and/or work at a computer for long periods of time.
• Ability to work extended hours during implementations and on-call rotations.

Other

• The role may require occasional after-hours work for incident response.
• Some on-call responsibilities may be assigned in support of technical emergencies.
• Trainings and functions may require intermittent travel, paid by the company.
• Other duties as assigned by management.

Conditions of Employment: Individual must successfully complete pre-employment process, which includes criminal background check, drug screening, credit check( applicable for certain positions) and reference verification.

This job description reflects management’s assignment of essential functions. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

Caris Life Sciences is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability.