Penetration Tester

We are seeking a skilled and motivated Penetration Tester to join our IT security team. The Penetration Tester will be responsible for identifying vulnerabilities and assessing the security of our network, applications, and systems through simulated cyberattacks. This role requires a deep understanding of cybersecurity principles, proficiency with penetration testing tools, and the ability to work in a dynamic, shift-based environment due to internal operational requirements.

Key Responsibilities:

Conduct penetration testing on networks, applications, and operating systems to identify vulnerabilities and security weaknesses.

Utilize industry-standard methodologies such as OWASP, PTES, or similar frameworks to perform comprehensive security assessments.

Simulate real-world attack techniques to evaluate system resilience and recommend mitigation strategies.

Develop and execute scripts in Python, JavaScript, and Bash to automate testing processes or exploit vulnerabilities.

Prepare detailed reports on findings, including risk assessments and actionable recommendations for improving security posture.

Collaborate with IT and development teams to ensure vulnerabilities are remediated effectively.

Stay updated on the latest cybersecurity threats, tools, and techniques to enhance testing methodologies.

Work in a shift-based schedule to support internal operational requirements.

Qualifications:

Minimum Bachelors degree (S1) in Information Technology, Cybersecurity, or a related field.

Strong understanding of network security, application security, and operating system security concepts.

Proficiency with penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus, etc.).

Familiarity with penetration testing methodologies such as OWASP, PTES, or equivalent.

Advanced knowledge of scripting and programming in Python, JavaScript, and Bash.

In-depth understanding of attack techniques relevant to penetration testing (e.g., SQL injection, XSS, privilege escalation).

Relevant certifications (e.g., CEH, OSCP, CompTIA PenTest+, or equivalent) are highly preferred.

Ability to work in a shift-based schedule to accommodate internal operational needs.

Strong analytical skills and attention to detail.

Excellent communication skills to present findings and recommendations to technical and non-technical stakeholders.