• Job ID - J-10052291
  • Posted on June 9, 2026

Position Title: Penetration Tester

Department: Information Security / Cybersecurity

Reports To: Cybersecurity Manager / Head of Information Security

 

Position Summary

We are seeking a skilled and detail-oriented Penetration Tester to join our cybersecurity team. The Penetration Tester will be responsible for identifying, assessing, and reporting security vulnerabilities across networks, applications, cloud environments, and systems through authorized and controlled security testing. The ideal candidate should possess strong technical expertise, an ethical mindset, and a passion for helping organizations improve their security posture.

Key Responsibilities

Security Assessment & Testing

  • Conduct penetration testing on networks, web applications, mobile applications, APIs, cloud infrastructure, and operating systems.
  • Perform vulnerability assessments and validate discovered security weaknesses.
  • Simulate real-world cyberattacks to identify exploitable vulnerabilities.
  • Assess security controls and determine their effectiveness.

Vulnerability Analysis

  • Analyze and prioritize security vulnerabilities based on risk and business impact.
  • Validate false positives identified through automated security tools.
  • Research emerging threats, attack techniques, and vulnerabilities.

Reporting & Documentation

  • Prepare detailed penetration testing reports outlining findings, risks, proof-of-concepts, and remediation recommendations.
  • Present technical findings to both technical and non-technical stakeholders.
  • Maintain documentation of testing methodologies and assessment results.

Security Improvement

  • Collaborate with development, infrastructure, and IT teams to remediate identified vulnerabilities.
  • Provide guidance on security best practices and secure coding standards.
  • Support security awareness initiatives and training programs.

Compliance & Governance

  • Assist in security audits and compliance assessments.
  • Support compliance requirements related to ISO 27001, PCI-DSS, SOC 2, HIPAA, GDPR, or similar frameworks where applicable.

Required Qualifications

Education

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • Equivalent practical experience may be considered.

Experience

  • 2+ years of experience in penetration testing, ethical hacking, vulnerability assessment, or cybersecurity.
  • Experience conducting web application, network, and infrastructure security assessments.

Technical Skills

Strong understanding of:

  • Networking protocols (TCP/IP, DNS, HTTP/HTTPS)
  • Operating systems (Windows, Linux)
  • Web application security concepts
  • Cloud security principles
  • Authentication and access control mechanisms

Familiarity with:

  • OWASP Top 10
  • MITRE ATT&CK Framework
  • Secure Software Development Lifecycle (SSDLC)

Tools Knowledge

Experience with security tools such as:

  • Burp Suite
  • Nmap
  • Metasploit
  • Wireshark
  • Nessus
  • Nikto
  • Kali Linux
  • OWASP ZAP
  • SQLMap

Preferred Certifications

  • Certified Ethical Hacker (CEH)
  • Offensive Security Certified Professional (OSCP)
  • CompTIA PenTest+
  • GIAC Penetration Tester (GPEN)
  • Certified Information Systems Security Professional (CISSP)

Soft Skills

  • Strong analytical and problem-solving abilities.
  • Excellent written and verbal communication skills.
  • Ability to explain technical findings to non-technical stakeholders.
  • High ethical standards and professional integrity.
  • Strong attention to detail.

Key Performance Indicators (KPIs)

  • Number of security assessments completed.
  • Quality and accuracy of penetration testing reports.
  • Vulnerabilities identified and successfully remediated.
  • Compliance and audit readiness.
  • Stakeholder satisfaction with security recommendations.

Reputed IT Company

  • Penetration Tester (Ethical Hacker) Full Time Onsite
  • Sanepa, Full time