Senior Supervisor Security Testing (Penetration Testing)

Orange

  • 6th of October
  • Permanent
  • Full-time
  • 2 months ago
Overview: We are seeking an experienced and highly skilled Senior Supervisor in Security Testing to lead and execute comprehensive penetration testing activities across a variety of platforms, including network infrastructure, web and mobile applications, cloud environments, and enterprise systems. This role is critical in identifying and mitigating vulnerabilities through full-scope assessments, including discovery, exploitation, and secure coding analysis.
Key Responsibilities:
  • Perform advanced penetration testing across diverse environments including:
      • Web and Mobile Applications (iOS, Android)
      • Network Infrastructure
      • Active Directory and internal enterprise systems
      • Cloud platforms (AWS, Azure, GCP)
      • IoT, Firmware, and APIs
  • Utilize leading penetration testing and security tools such as:
      • Burp Suite Pro (with plugin integrations), Metasploit, Nmap, Nessus, Acunetix, Cobalt Strike
  • Apply offensive security techniques, red teaming methodologies, and frameworks such as:
      • OWASP Top 10, MITRE ATT&CK, PTES, NIST SP 800-115
  • Conduct reverse engineering of mobile apps including obfuscated and anti-emulator protected apps.
  • Perform secure code reviews and design-level application security assessments across technologies including:
      • Web services (REST/SOAP), SaaS platforms, thick clients, and microservices.
  • Develop and deliver clear, concise technical and executive-level reporting and presentations.
  • Simulate real-world attack scenarios to assess and improve detection and response capabilities.
  • Collaborate with development, architecture, and risk teams to recommend and validate mitigation strategies.
Required Qualifications:
  • Bachelor's degree in Computer Science, Cybersecurity, or a related technical field.
  • Minimum of 4 years of hands-on experience in penetration testing or offensive security roles.
  • Strong knowledge of security testing methodologies and manual testing techniques.
  • Practical experience in red teaming and offensive testing of:
      • Web applications, Mobile apps, Infrastructure, Cloud, and AD environments.
  • Familiarity with scripting and automation tools for offensive security (Python, Bash, PowerShell, etc.).
Preferred Skills & Experience:
  • Expertise in tools like:
      • Burp Suite Pro (with BApp Store plugins), Cobalt Strike, Metasploit, OWASP ZAP, Nmap, Nessus, Wireshark
  • Experience with reverse engineering, mobile application security bypass, and dynamic analysis.
  • Familiarity with secure SDLC, DevSecOps, and CI/CD security integration.
  • Exposure to threat modeling, fuzzing, and static/dynamic application security testing (SAST/DAST).
  • Programming/Scripting: Python, JavaScript, Java, C/C++, C#, Bash, PowerShell, or Assembly.
Certifications (Preferred):
  • One or more of the following are strongly desired:
      • OSCP, OSWE, OSCE, OSEP
      • GWAPT, GMOB, eWPT, eMAPT, eCPTX
      • CEH, CISSP, GIAC GPEN/GXPN, GREM
Contract: Regular