Senior Supervisor Security Testing (Penetration Testing)

Overview:
We are seeking an experienced and highly skilled Senior Supervisor in Security Testing to lead and execute comprehensive penetration testing activities across a variety of platforms, including network infrastructure, web and mobile applications, cloud environments, and enterprise systems. This role is critical in identifying and mitigating vulnerabilities through full-scope assessments, including discovery, exploitation, and secure coding analysis.

Key Responsibilities:

  • Perform advanced penetration testing across diverse environments including:
    • Web and Mobile Applications (iOS, Android)
    • Network Infrastructure
    • Active Directory and internal enterprise systems
    • Cloud platforms (AWS, Azure, GCP)
    • IoT, Firmware, and APIs
  • Utilize leading penetration testing and security tools such as:
    • Burp Suite Pro (with plugin integrations), Metasploit, Nmap, Nessus, Acunetix, Cobalt Strike
  • Apply offensive security techniques, red teaming methodologies, and frameworks such as:
    • OWASP Top 10, MITRE ATT&CK, PTES, NIST SP 800-115
  • Conduct reverse engineering of mobile apps, including obfuscated and anti-emulator-protected apps.
  • Perform secure code reviews and design-level application security assessments across technologies including:
    • Web services (REST/SOAP), SaaS platforms, thick clients, and microservices.
  • Develop and deliver clear, concise technical and executive-level reporting and presentations.
  • Simulate real-world attack scenarios to assess and improve detection and response capabilities.
  • Collaborate with development, architecture, and risk teams to recommend and validate mitigation strategies.

Required Qualifications:

  • Bachelor's degree in Computer Science, Cybersecurity, or a related technical field.
  • Minimum of 4 years of hands-on experience in penetration testing or offensive security roles.
  • Strong knowledge of security testing methodologies and manual testing techniques.
  • Practical experience in red teaming and offensive testing of:
    • Web applications, Mobile apps, Infrastructure, Cloud, and AD environments.
  • Familiarity with scripting and automation tools for offensive security (Python, Bash, PowerShell, etc.).

Preferred Skills & Experience:

  • Expertise in tools like:
    • Burp Suite Pro (with BApp Store plugins), Cobalt Strike, Metasploit, OWASP ZAP, Nmap, Nessus, Wireshark
  • Experience with reverse engineering, mobile application security bypass, and dynamic analysis.
  • Familiarity with secure SDLC, DevSecOps, and CI/CD security integration.
  • Exposure to threat modeling, fuzzing, and static/dynamic application security testing (SAST/DAST).
  • Programming/Scripting: Python, JavaScript, Java, C/C++, C#, Bash, PowerShell, or Assembly.

Certifications (Preferred):

  • One or more of the following are strongly desired:
    • OSCP, OSWE, OSCE, OSEP
    • GWAPT, GMOB, eWPT, eMAPT, eCPTX
    • CEH, CISSP, GIAC GPEN/GXPN, GREM