Senior Penetration Tester

Job Summary

The Senior Penetration Tester is responsible for conducting advanced security testing to identify vulnerabilities in the organization’s networks, systems, and applications. The role involves performing penetration tests, simulating cyberattacks, and providing actionable recommendations to strengthen the organization’s security posture.

Key Responsibilities

• Conduct penetration testing on web applications, mobile applications, networks, and infrastructure.
• Perform ethical hacking activities to simulate real-world cyberattacks and identify security weaknesses.
• Identify and exploit vulnerabilities using tools and manual testing techniques.
• Prepare detailed technical reports outlining vulnerabilities, risk levels, and remediation recommendations.
• Work closely with development and IT teams to validate fixes and improve security controls .
• Lead red team exercises and security assessments when required.
• Use industry-standard tools such as Burp Suite, Metasploit, Nmap, OWASP ZAP, and Kali Linux .
• Stay updated on latest cyber threats, attack techniques, and security vulnerabilities .
• Support security audits, compliance requirements, and risk assessments .
• Mentor junior penetration testers and provide technical guidance to the team.

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field .
• 5–8 years of experience in Penetration Testing, Ethical Hacking, or Cybersecurity.
• Strong experience in Web Application, Network, and Infrastructure Penetration Testing .
• Deep knowledge of OWASP Top 10 vulnerabilities and exploitation techniques .
• Hands-on experience with penetration testing tools such as Burp Suite, Metasploit, Nmap, Wireshark, and Kali Linux .
• Experience with scripting or programming (Python, Bash, or similar) is a plus.
• Strong knowledge of network protocols, operating systems (Linux & Windows), and security architecture .
• Excellent analytical and problem-solving skills.
• Strong reporting and communication skills.

Preferred Certifications

• OSCP (Offensive Security Certified Professional)
• CEH (Certified Ethical Hacker)
• GWAPT / GPEN
• CISSP (optional)