




Job Summary: Offensive security professional to conduct penetration tests, vulnerability assessments, attack simulations, and prepare technical reports, supporting development teams in mitigating security flaws. Key Highlights: 1. Conduct penetration tests on applications and networks 2. Lead Red Team activities and attack simulations 3. Prepare technical reports with mitigation recommendations Expected Responsibilities: Perform penetration testing (pentest) on web applications, mobile apps, APIs, and internal/external networks; Conduct vulnerability analyses and controlled exploitation of security flaws; Lead Red Team, Purple Team, or attack simulation activities; Prepare technical and executive reports with evidence, risk analysis, and mitigation recommendations for related departments; Support development and infrastructure teams in remediating vulnerabilities; Research and apply new techniques, tools, and attack vectors. Required Qualifications: Proven experience in penetration testing with solid knowledge of network protocols (TCP/IP, DNS, HTTP/HTTPS); Web application security (OWASP Top 10\); Scripting or programming knowledge (Python, Bash, PowerShell, or similar); Critical analytical ability and logical reasoning for exploiting vulnerabilities. Preferred Qualifications: Experience with cloud security (AWS, Azure, GCP); Knowledge of API and modern application security; Participation in CTFs, bug bounty programs, or independent research; Certifications such as OSCP, CRTO, eJPT, CEH, PNPT, or similar; Knowledge of DevSecOps and security automation. Behavioral Competencies: Analytical, investigative, and proactive profile; Strong communication skills for interaction with both technical and non-technical stakeholders; Organized and detail-oriented; Committed to ethics, confidentiality, and security best practices


