Conduct penetration testing on web applications, APIs, mobile apps, networks, and cloud environments
Perform vulnerability assessments and exploit security weaknesses
Document findings with clear risk ratings, proofs of concept, and remediation steps
Collaborate with development, infrastructure, and security teams to fix issues
Validate fixes through re-testing and continuous security assessments
Stay current with emerging threats, tools, and attack techniques
5+ years of hands-on experience in penetration testing or offensive security
Strong knowledge of OWASP Top 10, SANS Top 25, and MITRE ATT&CK
Experience with tools such as Burp Suite, Metasploit, Nessus, Nmap, and SQLmap
Solid understanding of web technologies, APIs, authentication, and encryption
Experience with Linux, Windows, networking, and scripting (Python, Bash, PowerShell)