Job description

The Senior Specialist - Penetration Testing (Core42) is a key member of the Red Team responsible for conducting advanced penetration testing and red teaming activities across the organization’s infrastructure, applications, and networks. The role involves identifying vulnerabilities, assessing overall security posture, and collaborating with internal teams to ensure timely remediation and system hardening. The specialist performs end-to-end testing on internal and external assets, leveraging open-source intelligence (OSINT) and threat intelligence to simulate real-world attacks. Responsibilities include application security testing on both web and mobile platforms, manual and automated source code reviews, and comprehensive security assessments for wireless and IoT devices. The role also supports vulnerability management, ensuring prioritization and remediation across all assets. Additional responsibilities include performing network and configuration reviews of firewalls, VPNs, and Active Directory environments (Azure and on-prem), implementing CIS-aligned hardening standards, and documenting detailed test methodologies, findings, and remediation steps. The position demands hands-on technical expertise in industry-standard tools such as Burp Suite, Metasploit, Nmap, Kali Linux, and Bloodhound, as well as scripting proficiency in Python, PowerShell, and Bash. The ideal candidate will hold relevant certifications like OSCP, OSCE, CRTP, CREST, CISSP, or GWAPT and possess strong communication skills to articulate complex technical findings to both technical and executive stakeholders.