Penetration Test and Vulnerability Assessment Expert

What You Will Do

Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.

Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors.

Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders.

Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities.

Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems.

Develop and deliver specialized training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context.

Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks.

What You Will Bring

• Education in Information Security, Computer Science, IT, or a related field.
• Minimum of 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
• Industry-recognized certifications such as CREST CRT, GPEN, or OSCP
• Strong understanding of web application, infrastructure, and network security architecture.
• Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders.
• Demonstrated ability to work independently and collaboratively within cross-functional teams.
• Highly analytical, self-driven, and committed to continuous learning and skill enhancement.

Good to Have

• Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl.
• Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions.
• Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools.
• Experience conducting security assessments on application infrastructure, networks, and cloud-based systems.
• Join us in shaping the future of defence technology. Apply today!