GMI Advisory
Pen Tester
Job Location
Sandton, South Africa
Job Description
Key Responsibilities:
• Penetration Testing: Conduct advanced penetration tests across various platforms, including web applications, networks, and internal/external infrastructures, to identify vulnerabilities and weaknesses.
• Vulnerability Assessments: Perform thorough vulnerability assessments and scans, identifying attack vectors and providing strategic recommendations.
• Reporting and Documentation: Prepare and deliver clear, concise penetration testing reports that outline technical findings, business impact, and risk mitigation strategies.
• Collaboration: Work closely with internal teams and clients to assess, document, and remediate vulnerabilities discovered during testing.
• Research & Development: Stay up-to-date on emerging security trends, vulnerabilities, attack methods, and penetration testing tools. Contribute to developing internal methodologies and best practices.
• Client Engagement: Effectively communicate penetration testing results to clients, providing insights into risk levels, and actionable next steps for remediation.
• Security Awareness: Mentor junior staff and share knowledge to foster a collaborative and continuous improvement culture within the team.

Key Skills and Qualifications:
• Experience: 3-5 years in penetration testing or security analysis, ideally in a consulting environment.
• Technical Skills:
  • Hands-on experience with penetration testing tools such as Burp Suite, Kali Linux, Metasploit, Nessus, and Nmap.
  • Strong understanding of web application security (OWASP Top 10, SQL Injection, Cross-Site Scripting, etc.).
  • Expertise in network security, firewalls, IDS/IPS, VPNs, and security monitoring tools.
  • Proficient in scripting languages (Python, Bash, etc.) for automation and exploit development.
  • Familiarity with cloud environments (AWS, Azure, GCP) and securing cloud systems is a plus.
  • Knowledge of risk management frameworks (e.g., NIST, ISO) is beneficial.
• Certifications (One or more):
  • Offensive Security Certified Professional (OSCP)
  • eLearnSecurity Certified Professional Penetration Tester (eJPT, eCPPT)
  • Altered Security (CRTP, CARTP, CRTE)
  • Practical Network Penetration Tester (PJPT, PNPT)
  • Additional certifications such as Certified Ethical Hacker (CEH), CompTIA Security, CISSP, or CISM are also beneficial.
• Soft Skills:
  • Strong analytical and problem-solving abilities.
  • Exceptional communication skills, capable of presenting technical findings in a clear and structured manner to both technical and non-technical audiences.
  • Ability to manage multiple client engagements and work independently in a fast-paced environment.
Location: Sandton, ZA
Posted Date: 11/24/2025
Contact Information
Contact: Human Resources GMI Advisory