Lead Penetration Tester
Listed on 2026-01-13
-
IT/Tech
Cybersecurity, IT Consultant
About this Position:
Job Title:
Lead Penetration Tester
Internal Testing: A machine and a set of working access credentials will be provided by University.
External Testing:
Shall include vulnerability scans of externally facing IPs and focused exploits based on discovered weaknesses.
Exclusions:
Social engineering, web application testing, and wireless network testing are considered out-of-scope penetration testing menu items.
Comprehensive Report:
Including an Executive Summary for management and a Technical Report for IT staff.
Documentation:
Proof‑of‑concept evidence, risk ratings, and prioritized recommendations mapped to industry frameworks like NIST or PTES.
Mandatory Retesting:
The proposal must include one (1) remediation retest to be performed within 90 days of the final report to verify the effectiveness of fixes for all “Critical” and “High” findings.
Presentation: A formal presentation of findings to IACS and the CISO is required upon completion.
REQUIREMENTS:- Lead tester hold the OSCP, GPEN, or an equivalent technical certification.
- Testing methodology follow PTES, NIST SP 800‑115, or equivalent standards.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).