Penetration Tester

Our client is seeking a skilled and ethical Penetration Tester to join their cybersecurity team on a contract basis. This fully remote role involves actively identifying vulnerabilities within our client's systems and applications to strengthen their overall security posture. The ideal candidate will be adept at simulating real-world attacks to uncover potential weaknesses before malicious actors can exploit them.

Responsibilities: Conduct comprehensive penetration tests on web applications, networks, and mobile applications. Perform vulnerability assessments and security audits to identify and document security flaws. Utilize a variety of penetration testing tools and techniques, including automated scanners and manual methods. Analyze test results, identify root causes of vulnerabilities, and provide detailed, actionable remediation recommendations. Develop clear and concise reports documenting findings, risks, and proposed solutions. Communicate technical findings effectively to both technical and non-technical stakeholders. Stay up-to-date with the latest security threats, vulnerabilities, and penetration testing methodologies. Assist in the development and refinement of penetration testing strategies and playbooks. Collaborate with development and IT teams to ensure vulnerabilities are addressed in a timely manner. Maintain the confidentiality and integrity of all client data and information. Adhere to ethical hacking principles and legal guidelines throughout all testing activities. Contribute to the continuous improvement of the cybersecurity team's capabilities. Perform security research to identify new attack vectors and defense mechanisms. Provide guidance and mentorship to junior penetration testers as needed. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience. Minimum of 4 years of hands-on experience in penetration testing and vulnerability assessment. Demonstrated expertise in offensive security techniques and methodologies. Proficiency with a range of penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, OWASP ZAP). Strong understanding of network protocols, operating systems, web application security, and cloud security. Experience in scripting languages (e.g., Python, Bash) for automation of testing tasks. Excellent analytical, problem-solving, and critical-thinking skills. Strong written and verbal communication skills, with the ability to produce professional reports. Relevant certifications such as OSCP, CEH, CISSP, or GIAC certifications are highly desirable. Ability to work independently and manage time effectively in a remote environment. Experience testing APIs and mobile applications is a plus. Demonstrated commitment to ethical security practices. This contract position is fully remote, offering flexibility while contributing critical security insights from near East London, Eastern Cape, ZA .