Senior Penetration Tester

This is a remote position.

Position Overview:

We are seeking an experienced and highly skilled Senior Penetration Tester / Red Team Operator to join our elite cybersecurity team. The ideal candidate will bring broad and deep expertise in offensive security, including advanced penetration testing techniques, development of custom exploits, and adversary simulation. You will be working on complex assessments, delivering high-quality reports, and presenting findings to technical and executive stakeholders

Primary Responsibilities:

Penetration Testing & Red Teaming

·        Plan, lead, and execute full-scope penetration tests across networks, applications, wireless, cloud, and social engineering vectors.

·        Simulate advanced persistent threats (APT) and conduct Red Team engagements to test and improve detection and response capabilities.

·        Identify and exploit security vulnerabilities using both publicly available and custom-developed tools.

·        Stay ahead of the threat landscape by mimicking real-world attack tactics, techniques, and procedures (TTPs).

Exploit Development & Tooling

·        Develop custom scripts and exploits in languages such as Python, PowerShell, Bash, C/C++, or assembly.

·        Modify and enhance offensive tools or create proprietary utilities for internal use.

·        Leverage frameworks such as Cobalt Strike, Metasploit, Empire, Covenant, and others for post-exploitation and persistence.

 Reporting & Communication

·        Deliver clear, detailed, and actionable reports tailored to both technical and executive audiences.

·        Provide remediation guidance and participate in post-assessment briefings and technical debriefs with clients.

·        Support security operations and blue teams in understanding attack paths and defense strategies.

 Mentorship & Thought Leadership

·        Serve as a mentor to junior team members and help grow offensive security capabilities internally.

·        Represent the company at industry events and conferences (optional but encouraged).

Qualifications Preferred:

·        5+ years of hands-on experience in penetration testing and red teaming.

·        Proven track record of developing custom exploits and offensive security tools.

·        Proficient in Linux and Windows internals, Active Directory exploitation, privilege escalation, lateral movement, and persistence.

·        Solid understanding of MITRE ATT&CK framework, OPSEC, and threat modeling.

·        Excellent written and verbal communication skills.

 Certifications (Required or Strongly Preferred)

·        OSCP – Offensive Security Certified Professional

·        GPEN – GIAC Penetration Tester

·        (Bonus: OSEP, CRTO, OSCE, GXPN, or other advanced certs)

Preferred Skills

·        Experience with cloud penetration testing (AWS, Azure, GCP).

·        Familiarity with purple teaming, breach & attack simulation (BAS), and threat emulation platforms.

·        Prior experience presenting to executive leadership or boards on security risk.

·        Contributions to open-source security tools or research.