What Jobs are available for Penetration Testers in Malaysia?

**Senior Advisor** **,** **Application** **Vulnerability Assessment** **-** **AppSec** **& Tenable**
Spotting vulnerabilities before they are exploited is a key part of how we approach security at Dell Technologies and why this team is so important. Our discovery and detection team identifies weaknesses in information systems, confirms compliance to security standards, analyzes discovered threats that could result in unauthorized misuse of data and works with the IT team to resolve security exposures.
You will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Join us as a Consultant on our Cybersecurity - Vulnerability Assessment team in Malaysia to do the best work of your career and make a profound social impact. The ideal candidate will have strong experience developing, designing, and implementing network, and application and infrastructure vulnerability and configuration assessment systems using infrastructure as code, containers, within on-prem and cloud environments in use across the company. This individual will coordinate and mentor the team, and act as technical liaison and business coordinator across functional teams and stakeholder efforts to mature and drive Application Security discovery and detection engineering improvements.
**What** **you'll** **achieve**
**You will:**
+ Lead and expand the AppSec Vulnerability Assessment program, driving cross-functional engagement and aligning with enterprise security goals and industry best practices.
+ Architect and implement scalable solutions and automation for identifying and remediating web and API vulnerabilities across diverse environments.
+ Act as the strategic SME and liaison for engineering and business teams, providing technical leadership and mentoring junior staff.
+ Integrate Tenable and DAST capabilities into CI/CD pipelines to enable automated, continuous security validation within DevSecOps workflows.
+ Drive adoption of DAST and related technologies, delivering risk-based vulnerability insights for executive decision-making.
+ Establish and maintain security testing capabilities within Federal environments to meet regulatory and compliance requirements.
**Take the first step towards your dream career**
Every Dell Technologies team member brings something unique to the table. Here's what we are looking for with this role:
**Essential Requirements**
+ 6+ years of experience in Vulnerability Management, Application Security, or related security engineering roles, with proven leadership in multi-domain security initiatives.
+ Expert in the entire Tenable platform and suite with hands-on expertise with leading vulnerability scanning tools (e.g., Burp Suite, AppScan, Tenable, Prisma Cloud) and strong understanding of OWASP Top 10, secure coding practices, and threat modelling.
+ Proficiency in scripting and automation (Python, Bash, or similar) to enhance scanning capabilities and streamline workflows.
+ Experience engaging senior leadership and cross-functional teams, with strong communication, presentation, and data visualization skills to deliver actionable insights and executive dashboards.
+ Proven ability to thrive in a fast-paced, dynamic environment, balancing strategic planning with hands-on execution.
**Desirable Requirements**
+ Experience securing cloud and containerized environments, with knowledge of best practices and relevant tools.
+ Strategic and abstract thinking skills, including Design Thinking and business acumen, to influence security strategy and risk management decisions.
+ Familiarity with Agile methodologies and IT Service Management workflows, including JIRA and related tools.
**Who** **we are**
We believe that each of us has the power to make an impact. That's why we put our team members at the center of everything we do. If you're looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we're looking for you.
Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.
Application closing date: 31 December 2025
Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy here ( .
**Job ID:** R

**Senior Advisor** **,** **Application** **Vulnerability Assessment** **-** **AppSec** **& Tenable**
Spotting vulnerabilities before they are exploited is a key part of how we approach security at Dell Technologies and why this team is so important. Our discovery and detection team identifies weaknesses in information systems, confirms compliance to security standards, analyzes discovered threats that could result in unauthorized misuse of data and works with the IT team to resolve security exposures.
You will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Join us as a Consultant on our Cybersecurity - Vulnerability Assessment team in Malaysia to do the best work of your career and make a profound social impact. The ideal candidate will have strong experience developing, designing, and implementing network, and application and infrastructure vulnerability and configuration assessment systems using infrastructure as code, containers, within on-prem and cloud environments in use across the company. This individual will coordinate and mentor the team, and act as technical liaison and business coordinator across functional teams and stakeholder efforts to mature and drive Application Security discovery and detection engineering improvements.
**What** **you'll** **achieve**
**You will:**
+ Lead and expand the AppSec Vulnerability Assessment program, driving cross-functional engagement and aligning with enterprise security goals and industry best practices.
+ Architect and implement scalable solutions and automation for identifying and remediating web and API vulnerabilities across diverse environments.
+ Act as the strategic SME and liaison for engineering and business teams, providing technical leadership and mentoring junior staff.
+ Integrate Tenable and DAST capabilities into CI/CD pipelines to enable automated, continuous security validation within DevSecOps workflows.
+ Drive adoption of DAST and related technologies, delivering risk-based vulnerability insights for executive decision-making.
+ Establish and maintain security testing capabilities within Federal environments to meet regulatory and compliance requirements.
**Take the first step towards your dream career**
Every Dell Technologies team member brings something unique to the table. Here's what we are looking for with this role:
**Essential Requirements**
+ 6+ years of experience in Vulnerability Management, Application Security, or related security engineering roles, with proven leadership in multi-domain security initiatives.
+ Expert in the entire Tenable platform and suite with hands-on expertise with leading vulnerability scanning tools (e.g., Burp Suite, AppScan, Tenable, Prisma Cloud) and strong understanding of OWASP Top 10, secure coding practices, and threat modelling.
+ Proficiency in scripting and automation (Python, Bash, or similar) to enhance scanning capabilities and streamline workflows.
+ Experience engaging senior leadership and cross-functional teams, with strong communication, presentation, and data visualization skills to deliver actionable insights and executive dashboards.
+ Proven ability to thrive in a fast-paced, dynamic environment, balancing strategic planning with hands-on execution.
**Desirable Requirements**
+ Experience securing cloud and containerized environments, with knowledge of best practices and relevant tools.
+ Strategic and abstract thinking skills, including Design Thinking and business acumen, to influence security strategy and risk management decisions.
+ Familiarity with Agile methodologies and IT Service Management workflows, including JIRA and related tools.
**Who** **we are**
We believe that each of us has the power to make an impact. That's why we put our team members at the center of everything we do. If you're looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we're looking for you.
Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.
Application closing date: 31 December 2025
Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy here ( .
**Job ID:** R

Application Vulnerability Assessment Senior Advisor- AppSec & Tenable Senior Advisor, Application Vulnerability Assessment– AppSec & Tenable

Spotting vulnerabilities before they are exploited is a key part of how we approach security at Dell Technologies and why this team is so important. Our discovery and detection team identifies weaknesses in information systems, confirms compliance to security standards, analyzes discovered threats that could result in unauthorized misuse of data and works with the IT team to resolve security exposures.

You will have an excellent opportunity to influence the security culture at Dell and further develop your career.

Join us as a Consultant on our Cybersecurity - Vulnerability Assessment team in Malaysia to do the best work of your career and make a profound social impact. The ideal candidate will have strong experience developing, designing, and implementing network, and application and infrastructure vulnerability and configuration assessment systems using infrastructure as code, containers, within on‑prem and cloud environments in use across the company. This individual will coordinate and mentor the team, and act as technical liaison and business coordinator across functional teams and stakeholder efforts to mature and drive Application Security discovery and detection engineering improvements.

What you’ll achieve You will:

Lead and expand the AppSec Vulnerability Assessment program, driving cross‑functional engagement and aligning with enterprise security goals and industry best practices.

Architect and implement scalable solutions and automation for identifying and remediating web and API vulnerabilities across diverse environments.

Act as the strategic SME and liaison for engineering and business teams, providing technical leadership and mentoring junior staff.

Integrate Tenable and DAST capabilities into CI/CD pipelines to enable automated, continuous security validation within DevSecOps workflows.

Drive adoption of DAST and related technologies, delivering risk‑based vulnerability insights for executive decision‑making.

Establish and maintain security testing capabilities within Federal environments to meet regulatory and compliance requirements.

Take the first step towards your dream career Every Dell Technologies team member brings something unique to the table. Here’s what we are looking for with this role:

6+ years of experience in Vulnerability Management, Application Security, or related security engineering roles, with proven leadership in multi‑domain security initiatives.

Expert in the entire Tenable platform and suite with hands‑on expertise with leading vulnerability scanning tools (e.g., Burp Suite, AppScan, Tenable, Prisma Cloud) and strong understanding of OWASP Top 10, secure coding practices, and threat modelling.

Proficiency in scripting and automation (Python, Bash, or similar) to enhance scanning capabilities and streamline workflows.

Experience engaging senior leadership and cross‑functional teams, with strong communication, presentation, and data visualization skills to deliver actionable insights and executive dashboards.

Proven ability to thrive in a fast‑paced, dynamic environment, balancing strategic planning with hands‑on execution.

Experience securing cloud and containerized environments, with knowledge of best practices and relevant tools.

Strategic and abstract thinking skills, including Design Thinking and business acumen, to influence security strategy and risk management decisions.

Familiarity with Agile methodologies and IT Service Management workflows, including JIRA and related tools.

Be careful - Don’t provide your bank or credit card details when applying for jobs. Don't transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.

#J-18808-Ljbffr

Senior Advisor, Application Vulnerability Assessment – AppSec & Tenable Spotting vulnerabilities before they are exploited is a key part of how we approach security at Dell Technologies and why this team is so important. Our discovery and detection team identifies weaknesses in information systems, confirms compliance to security standards, analyzes discovered threats that could result in unauthorized misuse of data and works with the IT team to resolve security exposures.

You will have an excellent opportunity to influence the security culture at Dell and further develop your career.

Join us as a Consultant on our Cybersecurity – Vulnerability Assessment team in Malaysia to do the best work of your career and make a profound social impact. The ideal candidate will have strong experience developing, designing, and implementing network, and application and infrastructure vulnerability and configuration assessment systems using infrastructure as code, containers within on‑prem and cloud environments in use across the company. This individual will coordinate and mentor the team, and act as technical liaison and business coordinator across functional teams and stakeholder efforts to mature and drive Application Security discovery and detection engineering improvements.

What you’ll achieve

Lead and expand the AppSec Vulnerability Assessment program, driving cross‑functional engagement and aligning with enterprise security goals and industry best practices.

Architect and implement scalable solutions and automation for identifying and remediating web and API vulnerabilities across diverse environments.

Act as the strategic SME and liaison for engineering and business teams, providing technical leadership and mentoring junior staff.

Integrate Tenable and DAST capabilities into CI/CD pipelines to enable automated, continuous security validation within DevSecOps workflows.

Drive adoption of DAST and related technologies, delivering risk‑based vulnerability insights for executive decision‑making.

Establish and maintain security testing capabilities within Federal environments to meet regulatory and compliance requirements.

Essential Requirements

6+ years of experience in Vulnerability Management, Application Security, or related security engineering roles, with proven leadership in multi‑domain security initiatives.

Expert in the entire Tenable platform and suite with hands‑on expertise with leading vulnerability scanning tools (e.g., Burp Suite, AppScan, Tenable, Prisma Cloud) and strong understanding of OWASP Top 10, secure coding practices, and threat modelling.

Proficiency in scripting and automation (Python, Bash, or similar) to enhance scanning capabilities and streamline workflows.

Experience engaging senior leadership and cross‑functional teams, with strong communication, presentation, and data visualization skills to deliver actionable insights and executive dashboards.

Proven ability to thrive in a fast‑paced, dynamic environment, balancing strategic planning with hands‑on execution.

Desirable Requirements

Experience securing cloud and containerized environments, with knowledge of best practices and relevant tools.

Strategic and abstract thinking skills, including Design Thinking and business acumen, to influence security strategy and risk management decisions.

Familiarity with Agile methodologies and IT Service Management workflows, including JIRA and related tools.

Who we are We believe that each of us has the power to make an impact. That’s why we put our team members at the center of everything we do. If you’re looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we’re looking for you. Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.

Application closing date: 31 December 2025

Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy here.

Job ID:

R

#J-18808-Ljbffr

**Penetration Tester**
Join us as **Senior Analyst** on our **Penetration Testing** team in Malaysia **-** **On-site** to do the best work of your career and make a profound social impact.
The ideal candidate possesses firm understanding of attack surfaces in web technologies, networks, and operating systems. Candidates must demonstrate the ability to analyze closed source applications using several off-the-shelf or custom developed tools. Additionally, the ideal candidate will be able to demonstrate organizational skills, work efficiently under minimal supervision, be able to deliver results that meet or exceed organization's expectations, be a strong team player, and actively participate in a fast-paced and challenging global environment.
**What** **you'll** **achieve**
+ Conduct andparticipate in authorized penetration testing exercises.
+ Report on and prioritize issues to vendors, security team, and engineering through standard escalation processes.
+ Communicate new developments, breakthroughs, challenges and lessons learned to team members and leadership.
+ Collaborate with the development of cybersecurity strategy, policy, standards, and procedures.
+ Work with management and senior team memberson how to integrate information security controls into enterprise environmentstocomply with established security standards and policies.
+ Continuously upgrade knowledge, skills & awareness in cybersecurity technologies by way of independent research, training, or any other self -improvement methods e.g., (Reading, HTB, CTF competitions)
+ Collaborate on additional projects, assignments, and initiatives as required.
**Take the first step towards your dream career**
Every Dell Technologies team member brings something unique to the table. Here's what we are looking for with this role:
+ Minimum of 2 years in Information Security, including at least 1 year of hands-on experience in one or more of the following areas: penetration testing, exploit development, vulnerability research, or fuzzing.
+ Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field - or equivalent professional experience.
+ Cybersecurity Certifications:Possession of at least one of the following relevant certifications:
**_eLearnSecurity Certified Professional Penetration Tester (eCPPTv2)_**
**_Offensive Security Certified Professional (OSCP)_**
**_GIAC Penetration Tester (GPEN) or GIAC Web Application Penetration Tester (GWAPT)_**
+ Intermediate-level knowledge of penetration testing tools and techniques, cyberattack stages, application security standards, and testing methodologies for web applications, APIs, and network/infrastructure.
+ Solid understanding of computer networking, operating system internals, and common security threats, vulnerabilities, and risks affecting systems and applications.
**Desirable requirements**
+ Experience writing code in modern programming languages (e.g., C, C++, Java, .NET, Python), with knowledge of debugging principles and the ability to develop custom scripts, exploits, and tools.
+ Strong written and verbal communication skills in English, with a customer-oriented mindset and the ability to produce professional security reports and effectively present findings to technical and non-technical stakeholders.
**Who we are**
We believe that each of us has the power to make an impact. That's why we put our team members at the center of everything we do. If you're looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we're looking for you.
Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.
**Application closing date:** 11 September 2025
Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy here ( .
**Job ID:** R

Hytech Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

The Penetration Tester will be responsible for assessing the security of our network, applications, and infrastructure by identifying vulnerabilities and weaknesses that could be exploited by malicious actors. You will work closely with cybersecurity and development teams to provide actionable insights and recommendations, helping us protect critical assets.

Job Responsibilities

Conduct in-depth penetration tests on applications, network systems, and IT infrastructure.

Develop and execute test plans, including vulnerability scanning, exploit research, and attack simulations.

Identify and document security vulnerabilities, offering guidance and recommendations for remediation.

Collaborate with the cybersecurity team to simulate realistic attack scenarios to evaluate the resilience of our systems.

Stay current on new security threats, technologies, and techniques, applying them to improve testing strategies.

Assist in developing and refining security policies and best practices to improve the company’s overall security stance.

Job Requirements

Minimum Diploma in Computer Science, Information Security, or a related field. Relevant certifications are a plus (e.g., OSCP, CEH, CISSP).

At least 2 years experience in penetration testing or a similar role in cybersecurity.

Strong understanding of network protocols, application security, and operating systems.

Proficiency with penetration testing tools (e.g., Metasploit, Burp Suite, Nmap).

Experience with scripting languages (Python, Bash, etc.) and security frameworks.

Excellent problem‑solving skills with attention to detail.

Familiarity with compliance and regulatory standards (e.g., GDPR, HIPAA, PCI‑DSS).

Hands‑on experience with cloud platforms (AWS, Azure, Google Cloud) security assessments.

Benefits and Perks

Accessible by public transport (5 mins walking distance from LRT Abdullah Hukum)

Young, passionate & friendly working environment.

Rewarding career development with regional exposure.

Team building, creativity, birthday party, free flow of snacks and drinks.

Do you believe in the power of connections to transform careers and shape a brighter future? Together, let's connect our dots, inspire innovation, and build a workplace where talents unite to create extraordinary possibilities.

#J-18808-Ljbffr

Penetration Tester

Join us as

Senior Analyst

on our

Penetration Testing

team in Malaysia

– On-site

to do the best work of your career and make a profound social impact. The ideal candidate possesses a firm understanding of attack surfaces in web technologies, networks, and operating systems. Candidates must demonstrate the ability to analyze closed source applications using several off-the-shelf or custom developed tools. Additionally, the ideal candidate will be able to demonstrate organizational skills, work efficiently under minimal supervision, deliver results that meet or exceed the organization’s expectations, be a strong team player, and actively participate in a fast-paced and challenging global environment. What you’ll achieve

Conduct and participate in authorized penetration testing exercises.

Report on and prioritize issues to vendors, security team, and engineering through standard escalation processes.

Communicate new developments, breakthroughs, challenges and lessons learned to team members and leadership.

Collaborate with the development of cybersecurity strategy, policy, standards, and procedures.

Work with management and senior team members on how to integrate information security controls into enterprise environments to comply with established security standards and policies.

Continuously upgrade knowledge, skills & awareness in cybersecurity technologies by way of independent research, training, or any other self-improvement methods e.g., reading, HTB, CTF competitions.

Collaborate on additional projects, assignments, and initiatives as required.

Take the first step towards your dream career Every Dell Technologies team member brings something unique to the table. Here’s what we are looking for with this role: Minimum of 2 years in Information Security, including at least 1 year of hands-on experience in one or more of the following areas: penetration testing, exploit development, vulnerability research, or fuzzing.

Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field — or equivalent professional experience.

Cybersecurity Certifications: Possession of at least one of the following relevant certifications: eLearnSecurity Certified Professional Penetration Tester (eCPPTv2), Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), or GIAC Web Application Penetration Tester (GWAPT).

Intermediate-level knowledge of penetration testing tools and techniques, cyberattack stages, application security standards, and testing methodologies for web applications, APIs, and network/infrastructure.

Solid understanding of computer networking, operating system internals, and common security threats, vulnerabilities, and risks affecting systems and applications.

Desirable requirements

Experience writing code in modern programming languages (e.g., C, C++, Java, .NET, Python), with knowledge of debugging principles and the ability to develop custom scripts, exploits, and tools.

Strong written and verbal communication skills in English, with a customer-oriented mindset and the ability to produce professional security reports and effectively present findings to technical and non-technical stakeholders.

Who we are

We believe that each of us has the power to make an impact. That’s why we put our team members at the center of everything we do. If you’re looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we’re looking for you. Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us. Application closing date:

11 September 2025 Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy here.

#J-18808-Ljbffr

Location(s):Asia-Pacific & Middle East : Malaysia : Kuala Lumpur

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

About Us Our mission at BAE Systems Digital Intelligence is to collect, connect and understand complex data, so that our customers can unlock digital advantage in the most demanding environments.

At our Malaysian Global Delivery Centre, we work with clients from around the world to deliver cyber technical services to support our customers in keeping their systems secure in today’s hostile digital world.

As a Senior Penetration Tester, you will perform comprehensive penetration testing assessments across a wide range of sectors and produce comprehensive written reports to meet high industry standards. Beyond the testing itself, you will be involved in client pre-engagement processes, contributing to scoping tasks and drafting proposals.

This position is part of our global Cyber Technical Services team, which includes adjacent areas such as Threat Intelligence and SOC Consulting.

Your role will involve:

Delivery of end-to-end security testing engagements, including scoping and client wash-up meetings.

Performing a wide range of security testing types such as web application, infrastructure and objective based/red teaming.

Production of detailed reporting and presentations for both technical and non-technical stakeholders.

Safe and responsible use of testing tools, ensuring controls are in place to limit risks during customer engagements.

Developing improvements in terms of scripts, tools, or techniques to enhance the Security Testing team's capabilities.

Maintaining an up-to-date knowledge of information security issues, continuously learning about new technologies, methodologies, and techniques.

Knowledge sharing with colleagues in other teams, such as Threat Intelligence, Incident Response, and the wider Security Consulting community.

Assist and support team members in troubleshooting complex technical issues, reviewing vulnerability findings, and validating penetration test results to uphold high standards of accuracy, consistency, and reporting quality.

Role requirements

We are looking for those with a passion for cybersecurity. Those who contribute to cybersecurity related blogs, engage in vulnerability research/bug bounties or other community related events will be looked at favourably

Experience in common offensive penetration testing domains such as testing of web applications, infrastructure and red teaming. Experience with wireless and mobile testing also an advantage.

Evidenced skills through industry recognised certifications such OSCP, CREST or CRTO

Confident communicator with excellent spoken and written English communication skills

Experience using common industry tools such as Kali Linux, Nessus & Burpsuite

Desirable

Knowledge of C2 frameworks such as Cobalt Strike

Threat hunting or compromised assessment experience

What We Offer

You’ll have a dedicated line Manager to help you develop your career and guide you on your journey through BAE Systems Digital Intelligence

We will support your personal training and development in the areas of cybersecurity by sponsoring training courses and certification exams (i.e OSCP, CREST, CRTO)

Work-life balance is important; you’ll get 18 days holiday a year (increases to 21 after 5 years’ service)

We support hybrid working and give flexibility for teams to decide on the balance between remote and office-based working

Our benefits package includes private family medical cover, maternity (4 months), paternity (2 weeks), study leave & a Optical/Dental/Health screening allowance

You’ll be part of our annual bonus and share award scheme

Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.

By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.

#J-18808-Ljbffr

2 weeks ago Be among the first 25 applicants

Summary You will be responsible for managing a team of penetration testers, designing and executing complex security assessments, and ensuring the security posture of critical systems and applications across our organization. You will also serve as a subject matter expert in identifying vulnerabilities, providing remediation strategies, and developing threat modeling.

Key Responsibilities

Set the direction and scope of internal and external penetration testing engagements.

Develop, refine, and maintain the organization's penetration testing methodology.

Align red team activities with business objectives, risk priorities, and threat intelligence.

Lead, mentor, and coach a team of penetration testers, red teamers, and offensive security analysts.

Conduct regular 1-on-1s, career development planning, and performance evaluations.

Build a collaborative and high-performing team culture with continuous skills development.

Oversee project timelines, resource allocation, and task delegation.

Ensure timely delivery of assessments and reporting within defined SLAs.

Manage team workflows using Agile or structured project management frameworks.

Review and approve penetration testing reports for clarity, accuracy, and risk relevance.

Ensure all tests are conducted ethically, legally, and in line with organizational policy.

Maintain consistency in reporting formats, severity ratings, and risk classifications.

Provide hands‑on support in complex testing scenarios (e.g., privilege escalation, advanced persistence).

Serve as the go‑to expert in bypassing modern defenses (EDR, WAF, MFA, etc.).

Troubleshoot and advise during real‑time engagements or red/purple team exercises.

Stay current with threat trends, TTPs (MITRE ATT&CK), and industry frameworks (OWASP, PTES, NIST).

Recommend new tools, scripts, and techniques to keep the team ahead of emerging threats.

Introduce automation, playbooks, and reusable exploits to improve testing efficiency.

Develop internal training modules, labs, and tabletop exercises.

Support certifications and knowledge-sharing within the team (e.g., OSCP, OSCE, CRTO).

Organize internal red team simulations, capture‑the‑flag (CTF) challenges, or lab walkthroughs.

Present technical findings and risk assessments clearly to non‑technical stakeholders.

Interface with IT, development, SOC, and compliance teams to coordinate remediation efforts.

Participate in executive briefings or incident response drills where red team input is required.

Ensure testing procedures align with regulatory frameworks (ISO 27001, PCI-DSS, NIST).

Maintain documentation for all tools, payloads, testing infrastructure, and evidence handling.

Establish safe testing protocols to avoid disruption or unintentional damage during engagements.

Seniority level: Not Applicable

Employment type: Full‑time

Job function: Information Technology

Industries: IT Services and IT Consulting

#J-18808-Ljbffr