Senior Penetration Tester

CompanyJob Specification – Senior Pen Tester BusinessUnit : Cyber Security Contract Duration : 12 Months renewableLocation : Randburg | Hybrid Industry : Financial Services

We are seeking an experienced Senior Penetration Tester to join our Cyber Security Business Unit on a 12-month contract.

The successful candidate will play a critical role in identifying, assessing, and exploiting vulnerabilities across our banking systems, applications, and infrastructure.

They must have the expertise to identify, assess, and exploit vulnerabilities end-to-end, from system architecture and design through to development, deployment, and operations.

This role requires deep technical knowledge.

• 7+ years of hands-on penetration testing experience, ideally within financial services / banking.

• Architecture : ability to identify systemic design flaws and insecure patterns.
• Development : review source code, spot insecure practices, recommend secure alternatives.
• Deployment / Operations : assess misconfigurations, infrastructure, and cloud security posture.
• Proven experience in bounty hunting (bug bounty platforms, CVE submissions, advanced exploit techniques).
• Strong expertise in testing web, mobile, and API environments.
• Advanced knowledge of threat modelling methodologies (e.g., STRIDE, DREAD, PASTA).

• Conduct penetration testing across web applications, mobile applications, APIs, and enterprise systems.
• Perform threat modelling and risk assessments to identify and prioritize vulnerabilities.
• Carry out red team engagements and adversary simulations to assess resilience against advanced threats.
• Document findings with detailed technical reports and clear remediation recommendations.
• Engage with stakeholders (cybersecurity, IT, business units) to explain vulnerabilities and risks.
• Stay abreast of emerging threats, exploits, and techniques relevant to the banking and financial services sector.
• Contribute to the development of secure coding practices, security architecture improvements, and vulnerability management processes.
• Mentor junior testers and collaborate within the cybersecurity team to uplift overall capability.
• This is a contract role for a Senior Penetration Tester.

The role is hybrid, but some work from home is acceptable.

The Senior Penetration Tester will be responsible for conducting penetration tests, identifying and exploiting security vulnerabilities, and providing detailed reports on findings.

Day-to-day tasks include creating and executing test cases, performing manual testing, and ensuring quality assurance through comprehensive software testing.

This role requires hands-on experience with various testing tools and methodologies to enhance the security of our clients' systems and applications.

• Degree in Computer Science, Cybersecurity, or related field (preferred).
• Industry certifications such as OSCP, OSWE, OSEP, CREST, GPEN, GXPN (highly advantageous).
• Relevant bug bounty recognition or Hall of Fame listings are a strong plus.
• Strong analytical, problem-solving, and critical-thinking abilities.
• Excellent communication skills, with the ability to articulate technical findings to both technical and non-technical stakeholders.
• Ability to work independently and collaboratively in high-pressure environments.
• Proven track record of delivering results within strict timelines.