Skip to content

Penetration Tester

  • Remote
    • cairo, Al Qāhirah, Egypt

Job description

We are looking for a Penetration Tester to identify vulnerabilities and strengthen our security posture across applications, networks, and cloud environments. If you have expertise in security assessments and risk mitigation, we invite you to apply.

Key Responsibilities:

  • Conduct penetration tests on web applications, APIs, mobile apps, networks, and cloud environments.

  • Identify and exploit vulnerabilities to assess security risks.

  • Perform vulnerability assessments and provide actionable insights.

  • Document findings and provide detailed, structured reports with remediation recommendations.

  • Work closely with development and operations teams to ensure effective mitigation of vulnerabilities.

  • Stay up to date with the latest vulnerabilities, attack vectors, and security trends.

  • Recommend and implement security best practices and testing methodologies.

  • Assist in developing and enhancing security testing tools and processes.

  • Ensure compliance with security standards and frameworks (e.g., OWASP, PCI DSS, ISO 27001).

Job requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field.

  • 3+ years of hands-on experience in penetration testing and vulnerability assessments.

  • Experience with API security testing.

  • Solid understanding of OWASP Top 10 and common security vulnerabilities.

  • Strong understanding of mobile application security concepts (OWASP MAS).

  • Proficiency in penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Nikto, Wireshark, etc.

  • Experience with scripting languages like Python, Bash, or PowerShell.

  • Familiarity with cloud security (AWS, Azure, or Google Cloud).

  • Strong knowledge of network protocols, operating systems, and application security.

  • Relevant certifications like OSCP, CEH, GPEN, or CISSP (preferred).

  • Strong analytical, problem-solving, and communication skills.

  • Knowledge of DevSecOps practices and integrating security into CI/CD pipelines.

  • Familiarity with regulatory frameworks and compliance requirements.

or