Penetration Tester

Job Title : Senior Offensive Cybersecurity Specialist (Banking)

Location: Doha , Qatar

Industry: Banking

Contract Type: Yearly Renewable

Employment Type: Full-Time – Consultant.

Position Summary:

We are seeking a highly skilled Senior Penetration Testing Specialist with a minimum of 5 years of hands-on penetration testing experience across applications, networks, cloud, and infrastructure. The ideal candidate must demonstrate deep technical expertise in offensive security methodologies, exploitation techniques, and advanced penetration testing practices. A strong understanding of PCI DSS penetration testing requirements, segmentation testing, and industry-standard offensive frameworks is essential.

Key Responsibilities:

Penetration Testing (Core Focus)

• Plan, execute, and document penetration tests across web, mobile apps, APIs, networks, cloud, and containers.
• Conduct PCI DSS–aligned penetration tests including segmentation and internal/external testing.
• Perform exploitation, privilege escalation, post-exploitation, and lateral movement.

Reporting & Documentation

• Produce high-quality, tailored penetration test reports.
• Provide remediation guidance aligned with compliance requirements.
• Document procedures and evidence for PCI DSS audit needs.

Security Collaboration & Advisory

• Work closely with dev, cloud, DevOps, and infra teams.

Autonomous Execution & Ownership

• Take full ownership of assigned projects, deliverables and lead end-to-end testing with minimal supervision.
• Proactively identify weaknesses and misconfigurations.

Communication & Collaboration

• Translate technical findings into clear, actionable insights for both technical and non-technical stakeholders.
• Collaboration with application, cloud, DevOps, infrastructure, compliance, and cybersecurity teams.
• Maintain confidentiality with respect to commercially sensitive information.

Qualifications:

Required:

• Degree in Information Security, IT, or related field.
• Minimum 5 years of hands-on penetration testing experience.
• Certifications such as OSCP, OSCE3, OSEP, GPEN, GWAPT, GXPN, CRTO.
• Strong skills in app, infra, cloud, and API security testing.
• Mandatory knowledge of PCI DSS testing requirements.
• Proficiency with Burp Suite, Nmap, Metasploit, Kali, BloodHound, etc.
• Strong reporting and communication skills.
• Knowledge of secure coding practices and application security frameworks (e.g., OWASP Top 10).

Preferred:

• Experience with cloud platforms (AWS, Azure, GCP) and their native security services.