Inspira Enterprise
We are looking for a
Penetration Tester
with 2–5 years of hands‑on experience performing end‑to‑end security assessments across a variety of technologies and environments. The role involves conducting comprehensive evaluations of applications, networks, and infrastructure, identifying exploitable weaknesses, and delivering clear, actionable remediation guidance to stakeholders at all levels.
Key Responsibilities
Execute
comprehensive penetration tests
on diverse environments including:
Web and mobile applications
Internal and external networks
APIs and cloud‑hosted services (AWS, Azure, GCP)
Infrastructure components, Active Directory, and enterprise systems
Perform
threat modeling, exploitation, and post‑exploitation
activities to determine true business impact.
Assess both
technical and procedural security controls , validating configurations and identifying weaknesses in authentication, authorization, and data protection.
Develop and maintain
custom scripts, payloads, and automation tools
to enhance testing depth and efficiency.
Produce
detailed technical reports
with risk ratings, reproduction steps, and practical mitigation recommendations.
Deliver
executive summaries and presentations
that translate technical findings into business risk terms.
Collaborate with engineering, development, and security teams to
support remediation and retesting efforts .
Stay informed on
emerging vulnerabilities, exploits, and security frameworks , integrating new techniques into testing methodologies.
Contribute to the ongoing
refinement of internal testing standards, playbooks, and templates .
Required Qualifications
2–5 years
of professional experience in penetration testing, offensive security, or vulnerability research.
Strong knowledge of:
Web application security
(OWASP Top 10, API vulnerabilities)
Network and infrastructure security , including routing, segmentation, and privilege escalation
Operating system internals
(Windows, Linux) and common misconfigurations
Proficiency with leading tools such as:
Burp Suite, Nmap, Metasploit, Nessus, Wireshark, SQLmap, Hydra, BloodHound, or equivalent frameworks
Scripting ability in
Python, PowerShell, or Bash
for custom exploitation or automation.
Familiarity with
cloud security testing
(AWS IAM, Azure AD, containerized workloads).
Excellent documentation and client‑facing communication skills.
Preferred Certifications
OSCP, eJPT, CEH, GPEN, HTB CPTS or similar offensive security certifications
Cloud or DevSecOps certifications
(e.g., AWS Security Specialty, AZ-500) are advantageous
Core Competencies
Analytical and detail‑driven with a strong understanding of risk prioritization
Skilled at
translating technical findings into business impact
Adaptable and resourceful across varying technologies and environments
Committed to continuous learning and professional development in cybersecurity
Seniority Level Mid‑Senior level
Employment Type Contract
Job Function Information Technology
Industries IT Services and IT Consulting; Computer and Network Security
#J-18808-Ljbffr
Penetration Tester
with 2–5 years of hands‑on experience performing end‑to‑end security assessments across a variety of technologies and environments. The role involves conducting comprehensive evaluations of applications, networks, and infrastructure, identifying exploitable weaknesses, and delivering clear, actionable remediation guidance to stakeholders at all levels.
Key Responsibilities
Execute
comprehensive penetration tests
on diverse environments including:
Web and mobile applications
Internal and external networks
APIs and cloud‑hosted services (AWS, Azure, GCP)
Infrastructure components, Active Directory, and enterprise systems
Perform
threat modeling, exploitation, and post‑exploitation
activities to determine true business impact.
Assess both
technical and procedural security controls , validating configurations and identifying weaknesses in authentication, authorization, and data protection.
Develop and maintain
custom scripts, payloads, and automation tools
to enhance testing depth and efficiency.
Produce
detailed technical reports
with risk ratings, reproduction steps, and practical mitigation recommendations.
Deliver
executive summaries and presentations
that translate technical findings into business risk terms.
Collaborate with engineering, development, and security teams to
support remediation and retesting efforts .
Stay informed on
emerging vulnerabilities, exploits, and security frameworks , integrating new techniques into testing methodologies.
Contribute to the ongoing
refinement of internal testing standards, playbooks, and templates .
Required Qualifications
2–5 years
of professional experience in penetration testing, offensive security, or vulnerability research.
Strong knowledge of:
Web application security
(OWASP Top 10, API vulnerabilities)
Network and infrastructure security , including routing, segmentation, and privilege escalation
Operating system internals
(Windows, Linux) and common misconfigurations
Proficiency with leading tools such as:
Burp Suite, Nmap, Metasploit, Nessus, Wireshark, SQLmap, Hydra, BloodHound, or equivalent frameworks
Scripting ability in
Python, PowerShell, or Bash
for custom exploitation or automation.
Familiarity with
cloud security testing
(AWS IAM, Azure AD, containerized workloads).
Excellent documentation and client‑facing communication skills.
Preferred Certifications
OSCP, eJPT, CEH, GPEN, HTB CPTS or similar offensive security certifications
Cloud or DevSecOps certifications
(e.g., AWS Security Specialty, AZ-500) are advantageous
Core Competencies
Analytical and detail‑driven with a strong understanding of risk prioritization
Skilled at
translating technical findings into business impact
Adaptable and resourceful across varying technologies and environments
Committed to continuous learning and professional development in cybersecurity
Seniority Level Mid‑Senior level
Employment Type Contract
Job Function Information Technology
Industries IT Services and IT Consulting; Computer and Network Security
#J-18808-Ljbffr