Penetration Tester

Security Consultant (Offensive Security) – Manila | BGC | Hybrid

If you enjoy breaking things to make them stronger, this role will keep you sharp. Join a global security team that tackles real-world attack scenarios, works with international clients, and invests heavily in your growth.

About the Company

NCC Group is a global leader in cyber security, helping organizations secure their systems before attackers strike. Our Manila team is expanding, and we're looking for consultants who thrive in offensive security, problem-solving, and global teamwork.

About the Role

You'll perform penetration testing and security assessments across web apps, APIs, and infrastructure. You'll also translate technical findings into clear, actionable advice for clients worldwide. This role is hands-on, collaborative, and offers structured upskilling through global mentorship and certifications.

Key Responsibilities

• Execute penetration testing and offensive security assessments across various environments.
• Identify and document vulnerabilities, risks, and exploitation paths.
• Provide clear, actionable remediation guidance to technical and non-technical stakeholders.
• Collaborate with international teams and support global delivery initiatives.
• Participate in knowledge sharing, team capability building, and process improvement.

Must-Have Qualifications

• Minimum
  3 years of offensive security experience
  , including:
• Web application & web services security assessments
• External infrastructure security assessments
• Linux command-line usage and system familiarity
• Experience working with international teams or global consulting environments
• Excellent English communication — spoken, written, and technical explanation
• Willing to work on
  APAC, EU, NA shifts
  , with
  UK shift for the first 6 months
• Willing to work
  onsite in BGC
  : full-time for 6 months, then hybrid (2x/week)

Good-to-Have

• Exposure to internal infrastructure security testing
• Knowledge of scripting/programming or code review
• Familiarity with security standards (PCI-DSS, HIPAA, etc.)
• Experience with mobile, cloud, or firewall security testing
• Certifications:
  OSCP, BSCP, CRT, CPSA

Why Join Us

• Work on diverse, high-impact penetration testing engagements
• Access mentorship from global offensive security experts
• Strong support for certifications and technical growth
• Be part of an inclusive, collaborative, and learning-focused culture