Responsibilities Conduct advanced penetration tests across various platforms, including web applications, networks, and internal/external infrastructures, to identify vulnerabilities and weaknesses. Perform thorough vulnerability assessments and scans, identifying attack vectors and providing strategic recommendations. Prepare and deliver clear, concise penetration testing reports that outline technical findings, business impact, and risk mitigation strategies. Work closely with internal teams and clients to assess, document, and remediate vulnerabilities discovered during testing. Stay up-to-date on emerging security trends, vulnerabilities, attack methods, and penetration testing tools; contribute to developing internal methodologies and best practices. Effectively communicate penetration testing results to clients, providing insights into risk levels and actionable next steps for remediation. Mentor junior staff and share knowledge to foster a collaborative and continuous improvement culture within the team. Key Skills And Qualifications Experience: 3-5 years in penetration testing or security analysis, ideally in a consulting environment. Hands-on experience with penetration testing tools such as Burp Suite, Kali Linux, Metasploit, Nessus, and Nmap. Strong understanding of web application security (OWASP Top 10, SQL Injection, Cross-Site Scripting, etc.). Expertise in network security, firewalls, IDS/IPS, VPNs, and security monitoring tools. Proficient in scripting languages (Python, Bash, etc.) for automation and exploit development. Familiarity with cloud environments (AWS, Azure, GCP) and securing cloud systems is a plus. Knowledge of risk management frameworks (e.g., NIST, ISO) is beneficial. Certifications (One or more): Offensive Security Certified Professional (OSCP) eLearnSecurity Certified Professional Penetration Tester (eJPT, eCPPT) Altered Security (CRTP, CARTP, CRTE) Practical Network Penetration Tester (PJPT, PNPT) Additional certifications such as Certified Ethical Hacker (CEH), CompTIA Security+, CISSP, or CISM are also beneficial. Strong analytical and problem-solving abilities. Exceptional communication skills, capable of presenting technical findings in a clear and structured manner to both technical and non-technical audiences. Ability to manage multiple client engagements and work independently in a fast-paced environment. #J-18808-Ljbffr