Lead Cyber Security Officer

We are seeking an experienced Penetration Tester and Threat Hunting Specialist to deliver high-quality, client-facing security assessment services. This role is responsible for planning, executing, and managing penetration tests, vulnerability assessments, advanced threat hunting, and external threat intelligence activities (including dark web and community platform monitoring) for a diverse client base.

Key Responsibilities:

• Plan and scope penetration testing engagements in collaboration with clients, including defining objectives, timelines, and rules of engagement.
• Act as a primary or supporting point of contact during security assessments.
• Ensure all testing activities comply with legal, regulatory, and contractual requirements.
• Perform black-box, gray-box, and white-box penetration testing across networks, web/mobile applications, APIs, and cloud environments.
• Conduct comprehensive vulnerability assessments using automated tools and manual validation techniques.
• Simulate real-world attack scenarios to identify exploitable weaknesses.
• Conduct proactive threat hunting across client environments to detect indicators of compromise (IOCs) and advanced persistent threats (APTs).
• Analyze logs, endpoints, and network traffic to uncover hidden or emerging threats.
• Develop and apply threat hunting hypotheses based on threat intelligence and attacker tactics, techniques, and procedures (TTPs).
• Perform monitoring and intelligence gathering across dark web forums, marketplaces, and breach repositories to identify potential data leaks, credential exposure, or targeted threats.
• Conduct searches and monitoring across platforms such as Discord and other online communities where threat actors may operate or share information.
• Identify and report potential brand impersonation, data exposure, or threat actor activity relevant to client environments.
• Correlate external intelligence with internal findings to enhance threat detection and response strategies.
• Deliver clear, concise, and actionable reports tailored for both technical and executive audiences.
• Provide risk ratings, business impact analysis, and prioritized remediation recommendations.
• Present findings to client stakeholders and support remediation discussions.
• Perform re-testing to validate remediation efforts.
• Contribute to the development of testing methodologies, playbooks, and reusable assets.
• Stay current with evolving threats, tools, and industry best practices.

Required Qualifications:

• Bachelor’s degree in Cybersecurity, Information Security, IT, or equivalent experience.
• 7–10 years of hands-on experience in penetration testing, vulnerability assessment, and/or threat hunting.
• Proven experience in a client-facing penetration testing or security consulting role.
• Strong understanding of network security, system architecture, and application security.
• Hands-on expertise with tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and similar.
• Experience or familiarity with threat intelligence gathering, OSINT, and dark web monitoring techniques.
• Knowledge of common frameworks and standards (e.g., OWASP Top 10, MITRE ATT&CK, CVSS).

Preferred Certifications:

• OSCP (Offensive Security Certified Professional)
• CEH (Certified Ethical Hacker)
• GPEN / GWAPT
• CISSP (for senior roles)

Key Skills:

• Strong analytical and investigative mindset
• Excellent client communication and presentation skills
• Ability to translate technical findings into business risk
• Strong documentation and reporting capabilities
• Ability to manage multiple client engagements simultaneously

Nice to Have:

• Experience with dark web intelligence platforms and OSINT tools
• Knowledge of SIEM, EDR, and threat intelligence platforms
• Experience with cloud environments (AWS, Azure, GCP)
• Scripting skills (Python, PowerShell, Bash)
• Experience with red teaming or adversary simulation

Working Model:

• Client-facing consulting role (remote/hybrid with occasional travel)
• May require flexibility for testing windows and incident response support

Pay: From Rs300,000.00 per month

Work Location: In person