Job Summary
This role involves assessing the security posture of web applications, networks, cloud platforms, and internal infrastructures through realistic attack simulations.
The successful candidate will execute adversary-style attack chains including lateral movement, privilege escalation, and Active Directory abuse.
You will produce high-quality reports with clear technical detail and business impact while presenting findings to both engineering and management teams.
Skills & Requirements
Must-have
3+ years hands-on penetration testing experience
Web application and API vulnerability exploitation
Active Directory exploitation techniques
Cloud environment security assessment
Manual testing beyond automated scanners
Nice-to-have
Source code review skills in Java or C#
EDR/AV evasion techniques experience
Threat modeling and attack path analysis
Adversary simulation and red teaming
Self-driven and proactive mindset
Key Requirements
3+ years of offensive security experience
Proficiency with Burp Suite, Nmap, Metasploit
Experience with BloodHound, CrackMapExec, Impacket
Strong reporting skills for technical and non-technical audiences
Certifications like OSCP, PNPT, CRTO, OSWE preferred