Information Security Engineer (Penetration Tester)

Our client is seeking a highly skilled and motivated Information Security Engineer, specializing in Penetration Testing, to join our dynamic security team in Kano, Kano, NG . This hybrid role offers the exciting opportunity to combine remote flexibility with essential in-office collaboration for high-stakes security assessments. You will be responsible for identifying vulnerabilities within our client's systems, networks, and applications, conducting rigorous penetration tests, and providing actionable recommendations to strengthen our overall security posture. Your expertise in ethical hacking and defensive security principles will be critical to safeguarding our digital assets.

Responsibilities: Conduct comprehensive penetration tests against web applications, networks, APIs, and cloud environments to identify security weaknesses. Perform vulnerability assessments and analyze security risks to determine their potential impact. Develop detailed reports outlining identified vulnerabilities, their severity, and practical remediation strategies. Collaborate with development and IT teams to ensure timely and effective remediation of security flaws. Stay up-to-date with the latest penetration testing techniques, tools, and emerging threats. Develop and maintain custom scripts and tools to automate security testing processes. Assist in the development and implementation of security policies and procedures. Participate in security architecture reviews and provide input on secure design principles. Conduct security awareness training and educate internal teams on potential threats and vulnerabilities. Manage multiple testing engagements concurrently, ensuring adherence to project timelines and scope. Document testing methodologies, findings, and recommendations thoroughly. Contribute to the continuous improvement of the penetration testing program and security best practices. Maintain strict confidentiality regarding all findings and client information. Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience. Minimum of 4 years of professional experience in penetration testing and vulnerability assessment. Proven experience with a wide range of penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus). Strong understanding of network protocols, operating systems (Windows, Linux), web application security principles (OWASP Top 10), and common exploitation techniques. Experience with scripting languages such as Python, PowerShell, or Bash. Excellent analytical and problem-solving skills, with a meticulous attention to detail. Strong written and verbal communication skills, with the ability to clearly articulate complex technical findings to both technical and non-technical audiences. Relevant security certifications such as OSCP, CEH, CISSP, or GPEN are highly desirable. Ability to work both independently and collaboratively within a team environment. Demonstrated ability to manage projects and meet deadlines effectively. This hybrid role requires flexibility for on-site engagements in Kano, Kano, NG , complemented by remote work capabilities.