Job Title: Senior Penetration Tester / Ethical Hacker

Job Description:

We are seeking a Senior Penetration Tester to join a cybersecurity team focused on proactively identifying vulnerabilities and protecting enterprise systems from malicious attacks. The role involves leading penetration testing efforts, collaborating with development and operations teams, and providing actionable guidance to remediate security weaknesses.

Key Expertise Required:

• Bachelor’s degree or equivalent experience.

• 7+ years of overall IT experience.

• 5+ years of hands-on web application penetration testing / ethical hacking experience.

• Preferred certifications: OSCP, GWAPT, GXPN, GPEN, LPT, CEH, or other industry-recognized security credentials.

Key Responsibilities:

• Lead penetration testing on web, mobile, and supporting systems.

• Simulate real-world attack techniques to model potential external threats.

• Analyze test results, draw conclusions, and develop targeted exploit examples.

• Prepare reports and present findings to developers, application owners, and security teams.

• Consult with software development and operations teams to ensure vulnerabilities are addressed.

• Contribute to research and development of tools for vulnerability discovery.

• Collaborate with other cybersecurity teams to improve overall application and infrastructure security.

• Stay current on security best practices, vulnerabilities, and emerging threats.

Key Skills and Competencies:

• Expertise in manual testing across OWASP Top 10 categories.

• Knowledge of application security mechanisms (authentication, authorization, data validation, encryption).

• Technical understanding of various application security vulnerabilities.

• Experience with common penetration testing and vulnerability assessment tools (e.g., Burp Suite, nmap, Wireshark, Nessus, Metasploit, AppScan, WebInspect, Acunetix, Kali Linux).

• Programming or scripting knowledge (e.g., C, C#, Python, Objective C, Java, JavaScript, SQL).

• Understanding of Web Services technologies (XML, JSON, SOAP, REST, AJAX) and web frameworks (J2EE, Struts, Spring, .NET).

• Proven analytical, problem-solving, and interpersonal skills.

• Strong communication and presentation skills; ability to explain threats and guide remediation.

• Ability to work independently or collaboratively in a team environment.

• Highly motivated with ownership of responsibilities and proactive approach to work.

Impact of the Role:

This role helps protect enterprise systems and critical data from cybersecurity threats. By identifying vulnerabilities, guiding remediation efforts, and improving application security, the Senior Penetration Tester ensures operational integrity and contributes to preventing real-world cyber attacks. The position plays a key part in safeguarding both organizational assets and the security of end-users.