FirmaTRUST

FirmaTRUST provides AI-driven managed IT services and advanced cybersecurity solutions, ensuring 24/7 global human support to help businesses operate securely and efficiently without downtime.

Internet Software & Services
Founded 1996

Description

  • Perform Active Directory penetration testing to identify privilege escalation paths, insecure configurations, and lateral movement opportunities.
  • Conduct internal and external network penetration tests to uncover vulnerabilities across enterprise infrastructure.
  • Perform web application penetration testing covering authentication, input validation, session management, and business logic.
  • Identify, analyze, and document security misconfigurations across systems, services, and network infrastructure.
  • Conduct security audits and configuration reviews against best practices and industry standards.
  • Perform risk assessments by evaluating vulnerabilities, misconfigurations, and business impact.
  • Document findings with clear risk ratings, remediation guidance, and mitigation recommendations.
  • Participate in purple-team engagements by simulating attacker techniques with defensive teams.
  • Support threat simulation exercises using real-world attack techniques and frameworks such as MITRE ATT&CK.
  • Collaborate with SOC and defensive teams to improve alerting, monitoring, and threat detection use cases.
  • Assist in validating remediation efforts through retesting and verification of fixes.
  • Prepare technical and executive-level reports summarizing findings, risks, and recommended actions.

Requirements

  • Hands-on experience in Active Directory security assessments and penetration testing.
  • Strong knowledge of network penetration testing methodologies.
  • Experience in web application security testing, including OWASP Top 10.
  • Understanding of security configuration reviews and misconfiguration analysis.
  • Experience performing vulnerability validation and risk analysis.
  • Hands-on experience with Nmap, Burp Suite, Metasploit, BloodHound, Impacket, and CrackMapExec.
  • Strong understanding of Windows security architecture and Active Directory attack techniques.
  • Knowledge of network protocols, authentication mechanisms, and common attack vectors.
  • Experience with purple-team exercises is preferred.
  • Exposure to SOC operations, SIEM platforms, or security monitoring is preferred.
  • Familiarity with the MITRE ATT&CK framework is preferred.
  • Scripting knowledge in Python, PowerShell, or Bash is preferred.
  • Exposure to cloud security assessments in Azure or AWS is preferred.
  • PNPT, eCPPT, GPEN, or GWAPT certifications are preferred.
  • Strong analytical and problem-solving mindset.
  • Ability to clearly communicate technical risks and remediation steps.
  • Good documentation and reporting skills.
  • Ability to collaborate with both offensive and defensive security teams.
  • Curiosity and passion for continuous learning in cybersecurity.
