Senior Penetration Tester​/Cyber Security Specialist

Job Overview

We are seeking an experienced Penetration Testing Specialist to assess and strengthen the security posture of enterprise systems, applications, and network environments. The candidate will perform advanced security assessments across infrastructure, applications, APIs, wireless networks, and cloud platforms to identify vulnerabilities and recommend remediation strategies.

The ideal candidate will have strong expertise in offensive security testing, vulnerability assessment, and threat simulation
, with the ability to identify complex attack paths and support organisations in improving their cyber resilience

• Conduct penetration testing across web applications, mobile applications, APIs, internal and external networks, and cloud environments
  .
• Perform vulnerability assessments and exploit validation using industry-standard tools and manual techniques.
• Identify security weaknesses including misconfigurations, insecure coding practices, and potential attack vectors.
• Perform wireless network security assessments and evaluate network segmentation and access controls.

• Simulate real-world cyber-attack scenarios to evaluate organisational security posture.
• Analyse vulnerabilities and prioritise risks based on business impact.
• Support red team and adversary simulation exercises where required.

• Prepare detailed technical reports and executive summaries with risk ratings and remediation recommendations.
• Work with infrastructure and development teams to validate remediation actions.
• Conduct re-testing activities to ensure vulnerabilities are properly addressed.

• Work closely with SOC, infrastructure, and development teams to improve security controls.
• Support incident response teams with technical insights and attack simulations.
• Participate in security awareness and knowledge-sharing sessions.

• Strong experience in network, web, API, and cloud penetration testing
• Knowledge of OWASP Top 10, MITRE ATT&CK, PTES frameworks
• Hands-on experience with tools such as
  • Burp Suite
  • Metasploit
  • Nmap
  • Wireshark
  • Nessus
  • MobSF
• Understanding of network security, authentication mechanisms, and encryption protocols
• Experience performing wireless security testing

• Exposure to IoT / smart devices / industrial networks is an advantage.
• Knowledge of secure coding practices and threat modelling
• Experience with scripting languages such as Python, Bash, or Power Shell

• OSCP / OSEP
• CEH / GPEN
• CREST / LPT
• Other relevant cybersecurity certifications

• 7–10 years of experience in cybersecurity or penetration testing
• Experience working in enterprise environments or security consulting