Penetration Tester

We are seeking a skilled and highly motivated Cybersecurity Engineer with a strong background in penetration testing to join our security team. The ideal candidate must hold a valid CREST certification and have proven experience in identifying vulnerabilities, simulating cyberattacks, and recommending effective remediation strategies to improve overall security posture.

Key Responsibilities:

• Perform comprehensive penetration testing on applications, systems, networks, and cloud infrastructure
• Identify, assess, and report vulnerabilities and security weaknesses
• Provide detailed technical documentation, risk assessments, and remediation guidance
• Collaborate with development, infrastructure, and IT teams to address findings
• Simulate real-world cyberattacks (red teaming/threat emulation) to assess system resilience
• Participate in security assessments, audits, and compliance initiatives
• Stay updated on the latest security trends, tools, and threat landscapes
• Support incident response and threat hunting activities when required

Requirements:

• CREST certification is mandatory (e.g., CREST Registered Penetration Tester, CREST Certified Infrastructure Tester, etc.)
• Proven experience in penetration testing , vulnerability assessment, and exploit development
• Strong knowledge of common attack vectors, tools (e.g., Burp Suite, Metasploit, Nmap, Kali Linux), and scripting languages (e.g., Python, PowerShell)
• Familiarity with OWASP Top 10, MITRE ATT&CK, and other industry standards
• Experience with reporting tools and security documentation
• Excellent analytical, communication, and problem-solving skills
• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience)

Preferred Qualifications (Nice to Have):

• Experience with red teaming or purple teaming exercises
• Other relevant certifications such as OSCP, GIAC (GPEN, GWAPT), or CEH
• Knowledge of cloud security testing (AWS, Azure, GCP)
• Experience in secure software development practices