100% Remote Penetration Tester with CISSP Certifi.

Role - 100% Remote PENETRATION TESTER with CISSP Certifi. Location -- REMOTE Duration --- 3 -- 6+ months Role Overview We are looking for a Senior Consultant to lead advanced offensive security engagements, including red teaming, application security testing, and cloud/infrastructure assessments. This role requires deep technical expertise, strong delivery ownership, and the ability to simulate real-world threat actors in mature security environments.

Key Responsibilities

• Lead end-to-end Red Team engagements using black-box and grey-box approaches:
• OSINT, reconnaissance, credential harvesting
• Initial access, lateral movement, persistence, and data exfiltration scenarios
• Design and execute attack scenarios aligned with real-world threat actors (MITRE ATT&CK)
• Perform advanced Web Application Penetration Testing:
• Authenticated testing, business logic abuse, API security, session/auth flaws
• Lead Infrastructure & Cloud Security Assessments (VPN security - SSL/IPSec, secure configuration validation, AWS security assessments, architecture, configurations, security controls review)
• Conduct and oversee:
• Phishing simulations and credential attacks (password spraying)
• Adversary simulation exercises (Red/Blue Team)
• Support Blue Team validation by simulating realistic attack paths requiring detection & response
• Physical Security & Social Engineering Assessments:
• Tailgating, impersonation, visitor-based access scenarios
• Mentor junior team members and review technical deliverables
• Produce executive-ready reports with risk-based prioritization and evidence-backed findings
• Engage with client stakeholders and support regulatory/security assurance requirements

Required Skills & Experience

• 6–10+ years in penetration testing / red teaming / adversary simulation
• Deep expertise in:
• Application security (OWASP Top 10, auth, APIs, logic flaws)
• Network and infrastructure exploitation
• Active Directory attacks, credential abuse, lateral movement
• VPN and remote access security
• Cloud security (AWS preferred – multi-account environments)
• Strong hands-on with:
• Cobalt Strike , Burp Suite Pro, BloodHound, Mimikatz, Metasploit
• Experience working in regulated environments (financial sector preferred)

Preferred Certifications

• CISM
• OSCP, OSCE, CRTO, CISSP (highly desirable)

Leadership & Delivery Expectations

• Ability to lead complex, multi-layered engagements independently
• Strong stakeholder communication and reporting skills
• Ability to align testing outcomes with regulatory and risk-based objectives

Good to Have

• Experience with:
• Physical security assessments & social engineering
• Tabletop exercises (TTX) and cyber resilience validation
• O365 security testing

GAURAV GAUR Team Lead Recruitment DMS VISIONS INC. |