Senior Pentester

Ensign is hiring !

Key Responsibilities
 

1. Penetration Testing & Security Assessments

• Conduct penetration testing on:

  • Web applications (OWASP Top 10)

  • Mobile applications (iOS / Android)

  • Internal and external networks

  • APIs and web services

  • Cloud environments (AWS, Azure, GCP)

• Perform vulnerability assessments using automated and manual techniques.

• Simulate real-world attack scenarios including privilege escalation and lateral movement.
   

2. Exploitation & Validation

• Identify and exploit security weaknesses in systems and applications.

• Develop proof-of-concept (PoC) exploits to validate findings.

• Assess impact and risk severity of vulnerabilities discovered.
   

3. Reporting & Documentation

• Prepare detailed penetration testing reports including:

  • Executive summary

  • Technical findings

  • Risk ratings

  • Remediation recommendations

• Present findings to technical teams and management.

• Provide remediation validation (retest) services.
   

4. Tools & Techniques

• Utilize industry tools such as:

  • Burp Suite

  • Metasploit

  • Nmap

  • Nessus / OpenVAS

  • Wireshark

  • SQLmap

  • Kali Linux toolsets

• Develop custom scripts (Python, Bash, PowerShell) where necessary.

• Stay updated on latest attack techniques, CVEs, and threat trends.
   

5. Compliance & Standards

• Conduct testing aligned with:

  • OWASP Testing Guide

  • PTES (Penetration Testing Execution Standard)

  • NIST frameworks

  • ISO 27001 controls

• Support compliance-driven assessments (e.g., PCI-DSS).
   

Requirements

• Bachelor’s Degree in Cybersecurity, Computer Science, IT, or related field.

Experience

• 2–5 years of experience in penetration testing or offensive security.

• Hands-on experience conducting web and network penetration tests.

• Experience preparing formal penetration testing reports.

(Senior level: 5+ years with leadership or project ownership experience.)