Penetration Tester

We are seeking a skilled and motivated Penetration Tester with 4-5 years of experience to join our client's growing cybersecurity team. In this role, you will be responsible for identifying and exploiting vulnerabilities in the organisation’s systems, networks, and applications. Your expertise will help strengthen security posture, protect sensitive data, and ensure compliance with industry standards. As a Penetration Tester, you will work closely with security and IT teams to assess and improve security protocols, develop actionable reports, and provide valuable recommendations to mitigate risks.

Key Responsibilities:

1. Conduct thorough penetration tests on networks, web applications, systems, and infrastructure.
2. Perform vulnerability assessments and exploit identified weaknesses to gain unauthorized access.
3. Create and execute comprehensive test plans based on different attack vectors.
4. Document findings and vulnerabilities clearly and concisely in detailed reports for internal teams.
5. Work with security engineers to patch identified vulnerabilities and validate fixes.
6. Stay up-to-date with the latest security trends, tools, and exploits in the cybersecurity industry.
7. Collaborate with other security professionals and IT teams to assess and mitigate risk.
8. Perform social engineering assessments, including phishing and physical security testing.
9. Provide guidance and mentoring to junior penetration testers when necessary.
10. Participate in post-engagement debriefs with stakeholders and assist in implementing security improvements.

Required Skills & Qualifications:

1. 4-5 years of experience in penetration testing or ethical hacking.
2. Proficiency in security tools like Burp Suite, Kali Linux, Metasploit, Nmap, Nessus, and others.
3. Strong knowledge of web application security (OWASP Top 10) and network security.
4. Experience in vulnerability assessment and exploitation techniques.
5. Familiarity with scripting languages like Python, Bash, or PowerShell.
6. Experience with various operating systems (Windows, Linux, macOS) and cloud environments (AWS, Azure, GCP).
7. Knowledge of penetration testing frameworks such as PTES, OSCP, or similar certifications.
8. Strong written and verbal communication skills for technical reporting and client presentations.
9. Ability to work independently and collaboratively in a fast-paced environment.
10. Familiarity with security compliance standards (e.g., NIST, PCI-DSS, HIPAA, GDPR).

Preferred Qualifications:

1. OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or similar certifications.
2. Experience with red teaming or adversarial simulation.
3. Knowledge of secure software development practices and DevSecOps.