Job Overview
We are seeking an experienced
Penetration Testing Specialist to assess and strengthen the security posture of enterprise systems, applications, and network environments. The candidate will perform advanced security assessments across infrastructure, applications, APIs, wireless networks, and cloud platforms to identify vulnerabilities and recommend remediation strategies.
The ideal candidate will have strong expertise in
offensive security testing, vulnerability assessment, and threat simulation, with the ability to identify complex attack paths and support organisations in improving their cyber resilience
Key Responsibilities
Security Testing
- Conduct penetration testing across web applications, mobile applications, APIs, internal and external networks, and cloud environments.
- Perform vulnerability assessments and exploit validation using industry-standard tools and manual techniques.
- Identify security weaknesses including misconfigurations, insecure coding practices, and potential attack vectors.
- Perform wireless network security assessments and evaluate network segmentation and access controls.
Security Analysis
- Simulate real-world cyber-attack scenarios to evaluate organisational security posture.
- Analyse vulnerabilities and prioritise risks based on business impact.
- Support red team and adversary simulation exercises where required.
Reporting & Remediation
- Prepare detailed technical reports and executive summaries with risk ratings and remediation recommendations.
- Work with infrastructure and development teams to validate remediation actions.
- Conduct re-testing activities to ensure vulnerabilities are properly addressed.
Collaboration
- Work closely with SOC, infrastructure, and development teams to improve security controls.
- Support incident response teams with technical insights and attack simulations.
- Participate in security awareness and knowledge-sharing sessions.
Requirements
Required Skills
- Strong experience in network, web, API, and cloud penetration testing
- Knowledge of OWASP Top 10, MITRE ATT&CK, PTES frameworks
- Hands-on experience with tools such as
- Burp Suite
- Metasploit
- Nmap
- Wireshark
- Nessus
- MobSF
- Understanding of network security, authentication mechanisms, and encryption protocols
- Experience performing wireless security testing
Preferred Skills
- Exposure to IoT / smart devices / industrial networks is an advantage.
- Knowledge of secure coding practices and threat modelling
- Experience with scripting languages such as Python, Bash, or PowerShell
Certifications (Preferred)
- OSCP / OSEP
- CEH / GPEN
- CREST / LPT
- Other relevant cybersecurity certifications
Experience
- 7-10 years of experience in cybersecurity or penetration testing
- Experience working in enterprise environments or security consulting
