Senior Penetration Tester - HYBRID

Job Description:

•Crop to Crop resumes are accepted Seeking a Senior Penetration Tester to conduct authorized network & infrastructure penetration testing to identify, validate, & demonstrate security weaknesses. The Senior Penetration Testing Contractor will: Plan and execute internal and external penetration tests for network and infrastructure environments Perform vulnerability identification, validation, and controlled exploitation Assess security posture across: Network devices (firewalls, routers, switches) On-premise servers and operating systems (Windows, Linux, Unix) Active Directory and identity infrastructure Remote access solutions and VPNs Cloud environments (where applicable) Simulate advanced threat actor techniques including: Privilege escalation Lateral movement Credential compromise Persistence mechanisms Evaluate security configurations and control effectiveness Conduct testing in accordance with approved Rules of Engagement Prepare and deliver formal penetration testing reports suitable for executive, audit, and technical audiences Support remediation validation and follow-up testing as required

Required Skills:

Minimum 7 10 years of hands-on experience in penetration testing or offensive security Demonstrated expertise in network and infrastructure security testing Strong understanding of: o TCP/IP, DNS, DHCP, VPN, firewalls, IDS/IPS o Windows and Linux system internals o Active Directory attack paths and defen Advanced proficiency with penetration testing tools such as: o Nmap, Nessus, Metasploit, Burp Suite o BloodHound, NetExec,PingCastel Analysis tools Experience producing standard penetration testing reports Familiarity with security frameworks and standards, including: o

NIST SP 800-53, 800-115, 800-61

o

MITRE ATT&CK

o OWASP Testing Guide Experience working within regulated or high-security environments Strong understanding of legal, ethical, and compliance requirements for penetration testing