Inspira Enterprise
Overview
We are looking for a
Penetration Tester
with 25 years of hands-on experience performing end-to-end security assessments across a variety of technologies and environments. The role involves conducting comprehensive evaluations of applications, networks, and infrastructure, identifying exploitable weaknesses, and delivering clear, actionable remediation guidance to stakeholders at all levels.
Key Responsibilities Execute
comprehensive penetration tests
on diverse environments including: Web and mobile applications Internal and external networks APIs and cloud-hosted services (AWS, Azure, GCP) Infrastructure components, Active Directory, and enterprise systems Perform
threat modeling, exploitation, and post-exploitation
activities to determine true business impact. Assess both
technical and procedural security controls , validating configurations and identifying weaknesses in authentication, authorization, and data protection. Develop and maintain
custom scripts, payloads, and automation tools
to enhance testing depth and efficiency. Produce
detailed technical reports
with risk ratings, reproduction steps, and practical mitigation recommendations. Deliver
executive summaries and presentations
that translate technical findings into business risk terms. Collaborate with engineering, development, and security teams to
support remediation and retesting efforts . Stay informed on
emerging vulnerabilities, exploits, and security frameworks , integrating new techniques into testing methodologies. Contribute to the ongoing
refinement of internal testing standards, playbooks, and templates .
Required Qualifications 25 years
of professional experience in penetration testing, offensive security, or vulnerability research. Strong knowledge of: Web application security
(OWASP Top 10, API vulnerabilities) Network and infrastructure security , including routing, segmentation, and privilege escalation Operating system internals
(Windows, Linux) and common misconfigurations Proficiency with leading tools such as: Burp Suite, Nmap, Metasploit, Nessus, Wireshark, SQLmap, Hydra, BloodHound, or equivalent frameworks Scripting ability in
Python, PowerShell, or Bash
for custom exploitation or automation. Familiarity with
cloud security testing
(AWS IAM, Azure AD, containerized workloads). Excellent documentation and client-facing communication skills.
Preferred Certifications OSCP, eJPT, CEH, GPEN, HTB CPTS or similar offensive security certifications Cloud or DevSecOps certifications
(e.g., AWS Security Specialty, AZ-500) are advantageous
Core Competencies Analytical and detail-driven with a strong understanding of risk prioritization Skilled at
translating technical findings into business impact Adaptable and resourceful across varying technologies and environments Committed to continuous learning and professional development in cybersecurity
Penetration Tester
with 25 years of hands-on experience performing end-to-end security assessments across a variety of technologies and environments. The role involves conducting comprehensive evaluations of applications, networks, and infrastructure, identifying exploitable weaknesses, and delivering clear, actionable remediation guidance to stakeholders at all levels.
Key Responsibilities Execute
comprehensive penetration tests
on diverse environments including: Web and mobile applications Internal and external networks APIs and cloud-hosted services (AWS, Azure, GCP) Infrastructure components, Active Directory, and enterprise systems Perform
threat modeling, exploitation, and post-exploitation
activities to determine true business impact. Assess both
technical and procedural security controls , validating configurations and identifying weaknesses in authentication, authorization, and data protection. Develop and maintain
custom scripts, payloads, and automation tools
to enhance testing depth and efficiency. Produce
detailed technical reports
with risk ratings, reproduction steps, and practical mitigation recommendations. Deliver
executive summaries and presentations
that translate technical findings into business risk terms. Collaborate with engineering, development, and security teams to
support remediation and retesting efforts . Stay informed on
emerging vulnerabilities, exploits, and security frameworks , integrating new techniques into testing methodologies. Contribute to the ongoing
refinement of internal testing standards, playbooks, and templates .
Required Qualifications 25 years
of professional experience in penetration testing, offensive security, or vulnerability research. Strong knowledge of: Web application security
(OWASP Top 10, API vulnerabilities) Network and infrastructure security , including routing, segmentation, and privilege escalation Operating system internals
(Windows, Linux) and common misconfigurations Proficiency with leading tools such as: Burp Suite, Nmap, Metasploit, Nessus, Wireshark, SQLmap, Hydra, BloodHound, or equivalent frameworks Scripting ability in
Python, PowerShell, or Bash
for custom exploitation or automation. Familiarity with
cloud security testing
(AWS IAM, Azure AD, containerized workloads). Excellent documentation and client-facing communication skills.
Preferred Certifications OSCP, eJPT, CEH, GPEN, HTB CPTS or similar offensive security certifications Cloud or DevSecOps certifications
(e.g., AWS Security Specialty, AZ-500) are advantageous
Core Competencies Analytical and detail-driven with a strong understanding of risk prioritization Skilled at
translating technical findings into business impact Adaptable and resourceful across varying technologies and environments Committed to continuous learning and professional development in cybersecurity