Penetration Tester

JOB OVERVIEW

We are seeking a highly skilled Penetration Tester / Red Team Operator to join our security team. In this role, you will conduct ethical hacking engagements, simulate real-world cyber threats, and identify vulnerabilities across digital assets. You will work on enhancing defenses, improving detection and response capabilities, and contribute to the overall security posture of the organization. If you have a passion for offensive security, deep technical expertise, and a hacker mindset, we want to hear from you.

JOB DESCRIPTION

Key Responsibilities:

· Carry out broad-scope ethical hacking engagements typically encompassing all of the customer's digital assets.

· Execute penetration testing on our web applications, networks, and systems to uncover vulnerabilities.

· Craft, refine, and deploy custom exploits.

· Record findings, generate penetration test reports, and convey results to both technical and non-technical stakeholders.

· Collaborate with the security team to provide insights and recommendations for security enhancements.

· Engage in red teaming exercises, emulating advanced adversarial tactics and techniques.

· Stay updated with the latest vulnerabilities, exploits, and industry best practices.

· Cooperate with IT and development teams to implement and maintain security best practices.

· Partner with the Blue Team and other security experts to hone detection and response capabilities.

Required Qualifications:

· At least 5 years of experience in penetration testing or other offensive security roles.

· Must have previous experience in IT, candidates with prior experience in Networking, Enterprise system administration or development will be given higher priority.

· Proficiency in commonly used penetration testing tools (e.g., Metasploit, Burp Suite, Nessus, Bloodhound).

· Deep understanding of enterprise environments and architectures.

· Actual hands-on experience carrying out engagement in enterprise environments.

· Proficiency in Windows exploitation and post-exploitation techniques.

· Solid understanding and experience of privilege escalation tactics and methodologies in enterprise Active Directory environments.

· Comprehensive grasp of the current cyber threat landscape and attacker methodologies.

· Exceptional communication skills to demystify complex vulnerabilities for a diverse audience.

· Bachelor's degree in Computer Science, Information Security, or a related discipline. Degree requirements can be substituted by 7+ years of hands-on penetration testing experience and/or advanced level penetration testing certifications.

· At least a basic understanding of EDR evasion techniques.

· Basic to intermediate knowledge of at least 2 of the following scripting languages: bash, python, powershell, php, perl.

Desired Qualifications:

· Certifications such as OSCP, CRTP, CRTE, OSCE, or other relevant credentials.

· Experience with EDR (Endpoint Detection and Response) systems, emphasizing evasion methods.

· Proven expertise in red teaming operations.

· Scripting/Programming abilities in languages like Python, Ruby, Perl, c/c++, x86 Assembly.

· Familiarity with cloud platforms and their associated security challenges.

· Respectable rankings on CTF platforms like HackTheBox (Elite Hacker and up), independent security research, side-project repositories would all be considered a strong plus for the applicant.

WHAT WE OFFER

· Competitive salary and benefits package.

· Opportunities for professional development and career advancement.

· A collaborative and supportive work environment.

· The chance to work with cutting-edge technologies and high-profile clients.

Job Types: Full-time, Permanent

Pay: Php80, Php150,000.00 per month

Benefits:

• Paid training
• Promotion to permanent employee
• Work from home

Work Location: In person