100% Remote Penetration Tester with CISSP Certifi.

Role - 100% Remote PENETRATION TESTER with CISSP Certifi. Location -- REMOTE Duration --- 3 -- 6+ months Role Overview We are looking for a Senior Consultant to lead advanced offensive security engagements, including red teaming, application security testing, and cloud/infrastructure assessments. This role requires deep technical expertise, strong delivery ownership, and the ability to simulate real-world threat actors in mature security environments. Key Responsibilities • Lead end-to-end Red Team engagements using black-box and grey-box approaches: • OSINT, reconnaissance, credential harvesting • Initial access, lateral movement, persistence, and data exfiltration scenarios • Design and execute attack scenarios aligned with real-world threat actors (MITRE ATT&CK) • Perform advanced Web Application Penetration Testing: • Authenticated testing, business logic abuse, API security, session/auth flaws • Lead Infrastructure & Cloud Security Assessments (VPN security - SSL/IPSec, secure configuration validation, AWS security assessments, architecture, configurations, security controls review) • Conduct and oversee: • Phishing simulations and credential attacks (password spraying) • Adversary simulation exercises (Red/Blue Team) • Support Blue Team validation by simulating realistic attack paths requiring detection & response • Physical Security & Social Engineering Assessments: • Tailgating, impersonation, visitor-based access scenarios • Mentor junior team members and review technical deliverables • Produce executive-ready reports with risk-based prioritization and evidence-backed findings • Engage with client stakeholders and support regulatory/security assurance requirements Required Skills & Experience • 6–10+ years in penetration testing / red teaming / adversary simulation • Deep expertise in: • Application security (OWASP Top 10, auth, APIs, logic flaws) • Network and infrastructure exploitation • Active Directory attacks, credential abuse, lateral movement • VPN and remote access security • Cloud security (AWS preferred – multi-account environments) • Strong hands-on with: • Cobalt Strike , Burp Suite Pro, BloodHound, Mimikatz, Metasploit • Experience working in regulated environments (financial sector preferred) Preferred Certifications • CISM • OSCP, OSCE, CRTO, CISSP (highly desirable) Leadership & Delivery Expectations • Ability to lead complex, multi-layered engagements independently • Strong stakeholder communication and reporting skills • Ability to align testing outcomes with regulatory and risk-based objectives Good to Have • Experience with: • Physical security assessments & social engineering • Tabletop exercises (TTX) and cyber resilience validation • O365 security testing GAURAV GAUR Team Lead Recruitment DMS VISIONS INC. |