Senior Penetration Tester

This is a remote position.

Location: Remote
Engagement Type: Project-based Assignment; B2B Contract  (Outside IR35)
Duration: 4 months with auto renew
Timezone: CET ± 3 hours

Be part of our Global Engineering Network!

One of our clients, an international consulting firm is looking for highly skilled seeking an experienced Penetration Tester with strong expertise in penetration testing, vulnerability management, and threat intelligence. The ideal candidate will  have hands-on experience with Threat-Led Penetration Testing (TLPT) / TIBER frameworks. This role involves conducting advanced penetration tests, identifying security vulnerabilities, and simulating real-world cyber threats to enhance the security posture of our clients.

Key Deliverables

• Conduct extensive penetration tests across networks, applications, cloud environments, and infrastructure.
  
• Perform vulnerability assessments and provide risk-based remediation recommendations.
  
• Lead Threat-Led Penetration Testing (TLPT) / TIBER engagements, working with financial institutions and regulatory bodies.
  
• Utilize Threat Intelligence methodologies to simulate realistic attack scenarios.
  
• Produce detailed technical reports outlining findings, risk levels, and mitigation strategies.
  
• Collaborate with security teams, SOC analysts, and blue teams to improve defensive strategies.
  
• Stay updated on the latest attack techniques, tools, and industry best practices.
  

Requirements

Ideal Profile

• 5+ years experience in Penetration Testing.
  
• Experience in doing API, web and mobile application penetration testing.
  
• Red team and secure configuration review experience will be a plus.
  
• TLPT / TIBER Framework knowledge and implementation experience is required.
  
• Threat Intelligence experience and ability to apply it to penetration testing
  
• Proficiency in tools like Burp Suite, Metasploit, Cobalt Strike, Kali Linux, BloodHound, and exploit development
  
• Strong understanding of red teaming, adversary simulation, and attack paths
  
• Familiarity with MITRE ATT&CK, NIST, and other cybersecurity frameworks
  
• Experience in cloud penetration testing (AWS, Azure, GCP)
  
• Background in red team operations and purple teaming
  
• Certifications: OSCP, OSEP (required)
  

Why Partner with Us?

·         Clear scope with no ambiguity over deliverables.

·         Opportunity for repeat engagements based on performance.

Selection Process

1.      Proposal Submission

o    Submit your professional profile/CV by applying on the role.

2.      Business Alignment Call

o    30-min virtual discussion with Human Capital Consultant to review scope

3.      Verification

o    Opportunity to complete Castille Vetting (background/compliance checks)

4.      Client Skills Review

o    Direct interview with end client to discuss project specifics

o    Project-specific technical assessment (if required)

Ongoing Business Support

·         Access to CX guidance and market insights through our professional network.