Consultant, Offensive Security (OSCP)

Responsibilities

• Execute penetration testing engagements across networks, applications, cloud, and identity systems
• Perform testing aligned to PTES, NIST 800-115, OWASP Top 10, and MITRE ATT&CK
• Identify, exploit, and validate vulnerabilities with defensible evidence
• Chain findings into realistic attack narratives demonstrating business impact
• Support remediation validation and retesting

• Participate in scoping, kickoff calls, and technical discussions
• Explain findings to both technical and non-technical stakeholders
• Respond to client questions during delivery and report readouts
• Build trust through professionalism and accuracy

• Produce clear penetration testing reports with executive summaries and remediation guidance
• Ensure reports meet quality standards with minimal rework
• Contribute to standardized templates and reporting improvements

Required Qualifications

• 3–5+ years of hands-on penetration testing or offensive security experience
• Strong knowledge of web, API, network, and Active Directory testing
• Experience using tools such as Burp Suite, Nmap, Metasploit, BloodHound
• Ability to write professional, executive-ready reports
• Strong time management and delivery discipline

• Experience testing cloud environments (AWS, Azure, GCP)
• Scripting or automation skills (Python, Bash, PowerShell)
• Prior consulting or client-facing experience
• Relevant certifications such as OSCP, PNPT, GPEN, GWAPT

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.