Job Openings Senior Network Security Architect & Penetration Tester

About the job Senior Network Security Architect & Penetration Tester

About the Role

We are seeking a rare hybrid talent: a Senior Network Security Engineer with strong Blue Team discipline to architect and secure complex on-prem infrastructure, combined with the Red Team mindset to actively test and exploit it.

In this role, you will serve as the primary architect of our physical and virtual network environments while leading internal penetration testing initiatives. This is not a checklist-driven security role — you will proactively hunt vulnerabilities across every layer of the infrastructure.

Key Responsibilities
  • Design, implement, and maintain high-availability enterprise networks across on-prem and data center environments.
  • Configure and manage L2/L3 switches and routers (Cisco, Juniper, Arista) with BGP, OSPF, MPLS, trunking, and port security.
  • Manage VMware vSphere environments (ESXi, vCenter, NSX, vMotion) and harden hypervisors for secure VM operations.
  • Implement network hardening controls including ACLs, VLAN segmentation, VPNs (IPsec/SSL), Zero Trust architecture, and enterprise firewalls (Palo Alto, Fortinet).
  • Conduct authorized internal penetration tests across networks, wireless segments, edge devices, and infrastructure systems.
  • Perform vulnerability assessments using Kali Linux, Nessus/OpenVAS, Metasploit, Burp Suite Professional, Nmap, and Wireshark.
  • Drive full vulnerability lifecycle management from discovery and exploitation to remediation and validation.
  • Analyze and secure all OSI layers, mitigating Layer 2 (MAC spoofing, STP attacks) and Layer 7 (SQLi, XSS) threats.
  • Prevent and detect MitM attacks, privilege escalation, and lateral movement within internal environments.
  • Develop automation scripts using Python, Bash, and PowerShell to streamline security operations and incident response.
  • Strong networking expertise in BGP, OSPF, MPLS, VLANs, ACLs, Port Security, and enterprise firewalling.
  • Hands-on experience with virtualization technologies including VMware vCenter, NSX, and ESXi hardening.
  • Proficiency in offensive security tools such as Kali Linux, Metasploit Framework, Burp Suite Professional, Nmap, and Wireshark.
  • Scripting and automation skills using Python and Bash to streamline security operations and testing.
Qualifications & Experience
  • 7+ years of experience in Network Engineering
  • Minimum 3 years in Offensive Security / Penetration Testing
  • Strong hands-on data center and bare metal infrastructure experience

Preferred Certifications

  • Offensive Security certifications such as OSCP, OSCE, and GPEN.
  • Infrastructure certifications including CCNP / CCIE (Security) and VCP (VMware Certified Professional).

Job Details

  • Location: Lahore/Islamabad/Karachi (Remote)
  • Experience: 5+ Years
  • Department: Network Secruity & Penetration Tester

About Us:

TEKHQS is a global technology solutions provider headquartered in Lake Forest, California, with a 300+ expert team in Pakistan. We specialize in ERP (SAP S/4HANA, Oracle NetSuite, Microsoft Dynamics 365), AI/ML, Blockchain, Cloud, and Staff Augmentation services. Join us to drive business growth and work on cutting-edge global IT projects with hands-on mentorship and a clear career path.


Or refer someone