Lead Penetration Tester

Responsibilities:

• Conduct penetration tests on web, mobile, API, and infrastructure systems.
• Identify, exploit, and document security vulnerabilities with clear risk and business impact.
• Prepare professional reports with technical details, risk ratings, and remediation guidance.
• Develop and improve internal penetration testing and vulnerability management processes.
• Collaborate with internal teams to support secure design and vulnerability remediation efforts.

• Strong skills in manual and automated testing across web, mobile, API, infrastructure, and wireless environments.
• Solid understanding of web and mobile application architectures and common attack vectors.
• Proficient in at least one scripting or programming language (e.g., Python, Bash, JavaScript).
• Experience with vulnerability management processes, including identification, prioritization, tracking, and remediation coordination.
• Familiarity with vulnerability management tools (e.g., Qualys, Tenable, Rapid7, or similar) is highly desirable.
• Good knowledge of network fundamentals, including common devices and protocols (e.g., routers, switches, firewalls, TCP/IP stack).
• Background in software development, network administration, or system engineering is a strong advantage.
• Industry-recognized certifications such as OSCP, OSEP, OSWE, eWPTX, eCPPT, eMAPT, CRTO, or similar are preferred.
• Minimum 2 years of practical experience in penetration testing.
• Language Skills: Proficiency in English (Upper Intermediate or higher).
• Analytical Thinking & Problem Solving.
• Attention to Detail.
• Collaboration & Teamwork.
• Time Management & Organization.