Overview

We are seeking a highly skilled Penetration Tester to join our cybersecurity team. The ideal candidate will possess deep expertise in security analysis, network security, and system vulnerabilities, with a strong background in IT and information security principles. This role involves proactively identifying and mitigating security risks across diverse environments, including cloud infrastructure, on-premises systems, and IoT devices. The Penetration Tester will play a critical role in strengthening our security posture by conducting simulated attacks, vulnerability research, and compliance assessments aligned with industry standards such as ISO 27001 and ISO 27002. Candidates should be familiar with modern cybersecurity tools and methodologies, including SIEM solutions like Splunk, vulnerability scanning techniques, and incident response protocols.

Duties

• Conduct comprehensive penetration tests on networks, applications, and systems using advanced tools such as Fiddler, Nmap, and custom scripting in Python or Bash.
• Perform vulnerability research to identify weaknesses in operating systems (Windows, Linux, Solaris, macOS), cloud platforms (AWS, Google Cloud Platform, Azure), and virtualization environments (VMware).
• Assess network architecture including routing protocols (BGP, OSPF), network infrastructure (Cisco routers, Juniper devices), firewalls (Cisco ASA), VPNs, load balancers, and SDLC processes.
• Simulate cyberattacks to evaluate system security and identify potential exploits related to encryption protocols (SSL/TLS), authentication mechanisms (Active Directory, LDAP), and identity & access management systems.
• Analyze logs from SIEM platforms like Splunk to detect anomalies and support incident response efforts.
• Develop detailed reports outlining vulnerabilities with actionable remediation strategies for technical teams.
• Collaborate with DevOps teams to integrate security testing into CI/CD pipelines using tools like Ansible and Terraform for automation of infrastructure deployment.
• Stay current with emerging threats such as IoT vulnerabilities, cloud security challenges, and new attack vectors related to PaaS/IaaS environments.

Requirements

• Proven experience in cybersecurity roles with a focus on penetration testing or security analysis.
• Strong knowledge of computer networking concepts including TCP/IP stack, routing protocols (EIGRP, OSPF), VLANs, DHCP, DNS, NAT, IPsec VPNs.
• Hands-on experience with operating systems such as Windows Server, Linux distributions (CentOS, UNIX), Solaris, macOS.
• Proficiency in scripting languages like Python, Bash Shell Scripting, PowerShell for automation tasks.
• Familiarity with security frameworks including ISO 27001/27002 standards and COBIT best practices.
• Experience working with cloud platforms such as AWS (including EC2, S3), Google Cloud Platform, Azure; knowledge of cloud architecture and infrastructure security best practices.
• Knowledge of network monitoring tools like SolarWinds or Splunk; familiarity with SIEM management is preferred.
• Understanding of virtualization technologies including VMware and Citrix; experience with high availability configurations and disaster recovery planning.
• Ability to pass background checks and demonstrate commitment to ethical hacking principles; familiarity with PCI standards is a plus.
• Excellent problem-solving skills combined with strong communication abilities to convey complex findings clearly. This position offers an exciting opportunity to work at the forefront of cybersecurity defense within a dynamic environment dedicated to protecting critical information assets through innovative testing strategies and continuous improvement efforts.