Lead Penetration Tester

Company Description
Breach Lock, Inc. is a global leader in Continuous Attack Surface Discovery and Penetration Testing services. The company provides evidence-backed Attack Surface Management, Penetration Testing, and Red Teaming solutions aimed at helping organizations identify, prioritize, and mitigate security vulnerabilities. By offering an attacker's perspective, Breach Lock uncovers risks that go beyond conventional vulnerabilities to enhance client defense strategies. Their proactive approach enables businesses to test their entire attack surface and prevent potential cyber breaches effectively.

At Breach Lock, the mission is to empower organizations to understand and mitigate their cybersecurity risks comprehensively.

Roles and Responsibilities

Lead and execute complex penetration testing engagements across  Web Applications, Mobile Applications, Infrastructure, Cloud, and APIs .
Understand and assess  complex enterprise systems and cybersecurity environments , applying advanced offensive security methodologies.
Apply an  adversary mindset  to simulate real-world attack scenarios, including advanced threat actors, to meet project-specific objectives.
Manage, mentor, and review work of a team of penetration testers , ensuring technical excellence, consistency, and quality of deliverables.
Own  end-to-end project execution  — scoping, planning, task allocation, timelines, and final reporting.
Review, validate, and consolidate findings to ensure  accuracy, risk prioritization, and business relevance .
Effectively  communicate vulnerabilities and risk posture  to both technical teams and executive stakeholders.
Provide  actionable remediation guidance , including compensating controls for scenarios where vulnerabilities cannot be immediately fixed.
Drive the  development of internal tools, scripts, and automation  to improve testing efficiency and coverage.
Lead  research initiatives  to identify emerging vulnerabilities, new attack vectors, and evolving security testing techniques.
Contribute to building and enhancing the organization’s  offensive security capabilities, frameworks, and best practices .
Maintain high standards of  ethical conduct, confidentiality, and professionalism  in all client and internal engagements.

Desired Candidate Profile

Bachelor’s degree in  Information Technology, Cybersecurity, Information Systems Security , or equivalent practical experience.
6+ years of hands-on experience  in  Penetration Testing / Red Teaming , with at least  2 years of people management responsibilities.
Proven experience  leading and managing penetration testing teams and project managers , including mentoring junior members and conducting technical reviews.
Strong expertise in  Web, Infrastructure, Mobile Application, Cloud, and Vulnerability Assessments .
Advanced hands-on experience with  Kali Linux  and tools such as  Burp Suite, Metasploit, Nmap, Nessus , and other offensive security tools.
Ability to  prioritize workloads, manage multiple engagements , and meet deadlines while maintaining high-quality deliverables.
Excellent  written and verbal communication skills , with the ability to present complex security findings to both technical and non-technical stakeholders.
Demonstrated ability to build strong  cross-functional and client relationships .
Strong commitment to  ethical hacking principles and professional integrity .
Willingness and ability to  research emerging threats , develop automation, and continuously improve security testing methodologies.
Preferred

Certifications:

OSCP, OSCE, eJPT, CEH, CRTO, or equivalent.
Programming/scripting experience in  Python, .NET, Bash, Power Shell , or other relevant languages.