Senior Penetration Tester - Systems Integrator

1666745
  • Up to 130k (estimated)
  • Toronto, Ontario, Canada
  • Permanent
  • Enterprise Security
  • Cyber Security


Looking to play a key role in architecting the strategy for how organizations defend their most critical assets?

Join a technology services firm known for delivering reliable IT infrastructure, cloud, and managed services that help organisations run securely and efficiently. The firm works across industries including finance, legal, healthcare, and professional services. This role primarily involves acting as an offensive security lead for a diverse portfolio of 50+ clients across the Finance, Legal, and Sales & Distribution sectors.

If you are interested in blending traditional deep-dive testing and cutting-edge research into the security implications of AI adoption, apply now!


Responsibilities:

  • Full-Spectrum Security Testing
    • Lead Complex Engagements: Direct and execute end-to-end penetration tests across internal and external networks, web applications, and mobile platforms.
    • Multi-Sector Adaptation: Tailor testing methodologies to meet the specific regulatory and threat landscapes of the Finance (high-compliance), Legal (data privacy), and Distribution (operational uptime) industries.
    • Advanced Adversarial Simulation: Go beyond automated scans to perform manual exploitation, pivoting, and social engineering to simulate real-world sophisticated threats.


  • Vulnerability Management & Remediation
    • Strategic Reporting: Translate technical findings into high-impact remediation reports for both executive stakeholders and technical teams.
    • Remediation Oversight: In key accounts, act as a consultant to oversee the implementation of fixes, ensuring that vulnerabilities are not just identified, but effectively neutralized.
    • Risk Prioritization: Help clients navigate "patch fatigue" by prioritizing vulnerabilities based on exploitability and business impact.


Required Skills/Qualifications:

  • Technical Must-Haves:
    • Offensive Certifications: Must hold at least one advanced, practical certification such as OSCP (Offensive Security Certified Professional), OSCE, GPEN, or GXPN.
    • Full-Stack Testing Expertise: Proven experience performing manual penetration testing across Internal/External Networks, Web Applications (OWASP Top 10), and Mobile (iOS/Android).
    • Development Skills: Proficiency in Python, Go, or Ruby. You must be able to write custom scripts and contribute to the development of internal tools for AI monitoring and vulnerability detection.
    • Infrastructure Knowledge: Deep understanding of Active Directory, Kerberos, Cloud environments (Azure/AWS), and modern containerization (Docker/Kubernetes).


  • Experience & Engagement Lead Must-Haves:
    • Engagement Leadership: Minimum of 5–7 years in a dedicated penetration testing role, with experience leading the lifecycle of an engagement from scoping to delivery.
    • Multi-Tenant/MSP Experience: Ability to manage security assessments for a large portfolio of clients (ideally 20+) simultaneously without a drop in quality.
    • Remediation Advocacy: Act as a consultant to oversee and validate the remediation efforts of client IT teams.


Salary:

  • Up to 130k (estimated)
Shane Muldowney Network Consultant USA
