We are seeking a highly skilled and motivated Penetration Tester to join our growing security team. The ideal candidate will be responsible for proactively identifying vulnerabilities and weaknesses in our digital assets, including networks, applications, and systems. This role requires a strong understanding of security principles, a passion for ethical hacking, and the ability to think like an adversary. The Penetration Tester will be a key player in strengthening our security posture and protecting our organization and our clients from cyber threats.

Key Responsibilities

• Conduct comprehensive penetration tests on a wide range of systems, including web applications, mobile applications, networks, and cloud environments.
• Perform vulnerability assessments and social engineering simulations to identify potential security gaps.
• Develop detailed reports documenting findings, including a clear explanation of vulnerabilities, their potential impact, and actionable recommendations for remediation.
• Collaborate with development and IT teams to provide guidance and support in fixing identified security issues.
• Stay up-to-date with the latest security trends, hacking techniques, and industry best practices.
• Research new tools, methodologies, and technologies to improve our penetration testing processes.
• Assist in the development of security policies, procedures, and training materials.
• Participate in security incident response as needed.

Required Qualifications and Skills

• Experience:
  • Junior Level: 1-3 years of experience in IT roles such as a Security Analyst, Systems Administrator, or Network Engineer.
  • Mid-Level: 3-5 years of direct penetration testing experience.
  • Senior Level: 5+ years of extensive experience in penetration testing and a proven track record of leading complex security engagements.
• Deep knowledge of common web application vulnerabilities (e.g., OWASP Top 10).
• Strong understanding of network protocols, operating systems (Windows, Linux), and databases.
• Experience with penetration testing tools such as Burp Suite, Metasploit, Nmap, Wireshark, and Kali Linux.
• Proficiency in at least one scripting language (e.g., Python, Bash, PowerShell).
• Familiarity with various security frameworks and standards (e.g., NIST, ISO 27001).
• Excellent written and verbal communication skills, with the ability to explain complex technical concepts to both technical and non-technical audiences.
• Strong problem-solving skills and attention to detail.

Preferred Qualifications

• Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC certifications.
• Experience with cloud platforms like AWS, Azure, or Google Cloud.
• Knowledge of secure coding practices and experience with code review.
• Experience with red team engagements and advanced persistent threat (APT) simulations.