Senior Penetration Tester / Cyber Security Specialist

GSSTech Group

Key Responsibilities Security Testing

• Conduct penetration testing across web applications, mobile applications, APIs, internal and external networks, and cloud environments.
• Perform vulnerability assessments and exploit validation using industry-standard tools and manual techniques.
• Identify security weaknesses including misconfigurations, insecure coding practices, and potential attack vectors.
• Perform wireless network security assessments and evaluate network segmentation and access controls.

Security Analysis

• Simulate real-world cyber-attack scenarios to evaluate organisational security posture.
• Analyse vulnerabilities and prioritise risks based on business impact.
• Support red team and adversary simulation exercises where required.

Reporting & Remediation

• Prepare detailed technical reports and executive summaries with risk ratings and remediation recommendations.
• Work with infrastructure and development teams to validate remediation actions.
• Conduct re-testing activities to ensure vulnerabilities are properly addressed.

Collaboration

• Work closely with SOC, infrastructure, and development teams to improve security controls.
• Support incident response teams with technical insights and attack simulations.
• Participate in security awareness and knowledge-sharing sessions.

Required Skills

• Strong experience in network, web, API, and cloud penetration testing
• Knowledge of OWASP Top 10, MITRE ATT&CK, PTES frameworks
• Hands-on experience with tools such as
• Burp Suite
• Metasploit
• Nmap
• Wireshark
• Nessus
• MobSF
• Understanding of network security, authentication mechanisms, and encryption protocols
• Experience performing wireless security testing

Preferred Skills

• Exposure to IoT / smart devices / industrial networks is an advantage.
• Knowledge of secure coding practices and threat modelling
• Experience with scripting languages such as Python, Bash, or PowerShell