Penetration Tester

2 days ago

Lahore, Punjab, Pakistan HR Ways Full time

Our client company is the top listed studio working in AR and VR.

Job Description:

We are seeking a highly skilled and motivated Penetration Tester to join our dynamic security team. The ideal candidate will possess deep expertise in exploit development, reverse engineering, or OPSEC and a wide range of penetration testing domains including Cloud, Web 2.0 and 3.0 Applications, Network, AI, and API security. This role involves identifying vulnerabilities, assessing risks, and providing actionable recommendations to enhance the security posture of our organization.

Responsibilities:

  • Develop and deploy custom exploits for identified vulnerabilities.
  • Research and stay updated with the latest exploit techniques and methodologies.
  • Contribute to the development of in-house tools for exploitation and vulnerability assessment.
  • Perform static and dynamic analysis of binaries and source code.
  • Develop tools and scripts to automate reverse engineering tasks.
  • Conduct security assessments of cloud infrastructure and services (AWS, Azure, GCP).
  • Identify misconfigurations and vulnerabilities in cloud environments.
  • Provide recommendations for securing cloud architectures and deployments.
  • Perform thorough security assessments of web and mobile applications.
  • Identify and exploit vulnerabilities such as SQL injection, XSS, CSRF, and authentication flaws.
  • Collaborate with development teams to remediate identified issues.
  • Conduct internal and external network penetration tests.
  • Identify and exploit vulnerabilities in network protocols, services, and configurations.
  • Assess the security of network devices such as routers, switches, and firewalls.
  • Perform detailed security assessments of web applications and services.
  • Identify common Web vulnerabilities (OWASP Top 10) and provide remediation guidance.
  • Utilize both automated tools and manual techniques for comprehensive testing.
  • Assess the security of RESTful and SOAP APIs.
  • Identify and exploit vulnerabilities in API endpoints and data handling processes.
  • Provide recommendations for secure API design and implementation.
  • Adhere to industry standards and methodologies such as OWASP, NIST, OSSTMM and ISO for penetration testing.
  • Develop and maintain comprehensive documentation and reports for security assessments.
  • Stay current with the latest trends, tools, and techniques in penetration testing and cybersecurity.

Requirements:

  • Critical Thinking and approach of thinking outside the box.
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field.
  • Relevant certifications (e.g. OSCP, OSWE, CTRO, CTRP, CPTS, ASCP, or eCPPT) are highly desirable.
  • Proven experience in exploit development and reverse engineering or OPSEC.
  • Strong understanding of cloud security principles and practices.
  • Extensive knowledge of web technologies, network protocols, and application security.
  • Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, Wireshark, C2 frameworks and others.
  • Able to describe technical findings in a high-level summary and present it to stakeholders.
  • Excellent analytical and problem-solving skills.
  • Willing to learn new concepts of cybersecurity and adopt a cybersecurity mindset.

Good to Have:

  • Basic understanding of Secure SDLC and DevSecOps.
  • Experience in Web 3.0 security testing, including smart contract security assessments and decentralized application (dApp) penetration testing.
  • Strong understanding of Solidity security best practices and Ethereum Virtual Machine (EVM) vulnerabilities, such as reentrancy, integer overflow/underflow, and access control flaws.
  • Familiarity with blockchain security frameworks, auditing tools (e.g., Slither, Mythril, Echidna), and best practices for securing smart contracts and Layer 2 solutions.
  • Knowledge of AI/LLM security risks based on OWASP Top 10 for LLM Applications, including prompt injection, data leakage, model manipulation, and adversarial attacks.
  • Hands-on experience with LLM red teaming and securing AI-driven applications against evolving threats.

Other Details:

Working Timings: Monday to Friday 9:30 am - 6:30 pm
Location: DHA Phase 6 Lahore
Experience: 2-3 years

- Medical Insurance for the Employee and the family
- 22 Leaves
- Annual Increment
- Performance-based Bonus

#J-18808-Ljbffr

  • Penetration Tester

    2 weeks ago

    Lahore, Punjab, Pakistan Genius Inc Full time

    We are looking for a skilled Penetration Tester to join our team of cybersecurity experts at Genius Inc. As a Penetration Tester, you will be responsible for simulating cyber attacks on our clients' systems to identify vulnerabilities and improve their security.Job DescriptionYour primary responsibilities will include:Key Responsibilities:Simulating cyber...

  • Penetration Tester

    2 weeks ago

    Lahore, Punjab, Pakistan Catalyic Security Full time

    About the RoleWe are looking for a highly skilled and experienced Senior OT Penetration Tester to join our team at Catalyic Security. The successful candidate will be responsible for leading our red team operations, conducting comprehensive penetration tests, and managing a team of penetration testers.Responsibilities:Lead red team operations targeting OT...

  • Senior OT Penetration Tester

    4 weeks ago

    Lahore, Punjab, Pakistan Catalyic Security Full time

    Key Responsibilities:Lead red team operations targeting OT environments, including ICS/SCADA systems, PLCs, DCS, and industrial networksConduct comprehensive penetration tests on IoT devices, industrial protocols (Modbus, PROFINET, DNP3), and web-based HMI interfacesManage a team of 2-3 penetration testers, providing technical guidance, career development,...

  • Advanced Penetration Tester

    2 weeks ago

    Lahore, Punjab, Pakistan Catalyic Security Full time

    About the Job: We are seeking an experienced Senior Offensive Security Engineer to join our team. As a key member of our penetration testing group, you will be responsible for leading red team operations and delivering high-quality results to our clients.Key Responsibilities:Architect and execute advanced red team simulations mimicking nation-state...

  • Penetration Tester Specialist

    2 days ago

    Lahore, Punjab, Pakistan HR Ways Full time

    About Us:At HR Ways, we strive to be the top listed studio working in AR and VR while delivering exceptional cybersecurity services. Our innovative approach and commitment to excellence set us apart from others.Job Description:This role involves identifying vulnerabilities, assessing risks, and providing actionable recommendations to enhance the security...

  • Red Team Lead

    2 weeks ago

    Lahore, Punjab, Pakistan Catalyic Security Full time

    Job RequirementsWe are looking for a highly skilled and experienced Senior OT Penetration Tester to join our team at Catalyic Security. The successful candidate will be responsible for leading our red team operations, conducting comprehensive penetration tests, and managing a team of penetration testers.Responsibilities:Lead red team operations targeting OT...

  • Senior Information Security Analyst

    2 weeks ago

    Lahore, Punjab, Pakistan Catalyic Security Full time

    About the PositionThe Senior OT Penetration Tester will be responsible for leading our red team operations and conducting comprehensive penetration tests on IoT devices, industrial protocols, and web-based HMI interfaces. The successful candidate will also manage a team of 2-3 penetration testers, providing technical guidance, career development, and quality...

  • Cybersecurity Specialist

    2 weeks ago

    Lahore, Punjab, Pakistan Catalyic Security Full time

    Job DescriptionCatalyic Security is seeking a highly skilled and experienced Senior OT Penetration Tester to lead our red team operations targeting OT environments. This role involves conducting comprehensive penetration tests on IoT devices, industrial protocols, and web-based HMI interfaces.Key Responsibilities:Lead red team operations targeting OT...

  • Information Security Analyst

    2 days ago

    Lahore, Punjab, Pakistan HR Ways Full time

    About This Position:We are looking for a highly skilled Penetration Tester Specialist to join our dynamic security team. The ideal candidate will possess deep expertise in exploit development, reverse engineering, or OPSEC and a wide range of penetration testing domains including Cloud, Web 2.0 and 3.0 Applications, Network, AI, and API security.Key...

  • Application Security Analyst

    3 weeks ago

    Lahore, Punjab, Pakistan CureMD Full time

    Job Overview:The Application Security Analyst at CureMD plays a critical role in safeguarding our applications, data, and systems from potential security threats and vulnerabilities. This position involves in-depth technical expertise, and proactive security measures to maintain the integrity, confidentiality, and availability of our applications. As a...

  • Cyber Security Engineer

    4 weeks ago

    Lahore, Punjab, Pakistan HR Ways Full time

    About the company we're hiring for Currently:The company is an AI fintech platform revolutionizing the music industry by providing private equity tools for music.About the RoleWe are looking for an experienced Red Team Cyber Security Expert to join our security team and play a crucial role in identifying, exploiting, and reporting vulnerabilities across our...

  • Cyber Security Engineer

    4 weeks ago

    Lahore, Punjab, Pakistan HR WAYS Full time

    About the job Cyber Security EngineerAbout the company we're hiring for Currently:The company is an AI fintech platform revolutionizing the music industry by providing private equity tools for music.About the RoleWe are looking for an experienced Red Team Cyber Security Expert to join our security team and play a crucial role in identifying, exploiting, and...