Mid – Senior Penetration Tester – JHB at Datafin Recruitment

ENVIRONMENT:


A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Red Team Penetration Tester/Security Analyst to join their dynamic team.
The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments.
This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing.
The successful candidate will be responsible for analysing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.


DUTIES:

Penetration Testing Duties:


Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
Conduct network penetration tests
Conduct application penetration tests (web and thick client)
Conduct wireless and mobile security assessments
Conduct social engineering assessments
Conduct physical security assessments
Effectively communicate successes and obstacles with fellow team members and line managers
Interface with client contact(s) and staff in a constructive and professional manner
Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
Utilise common vulnerability assessment and penetration testing tools


Red Teaming Duties:


Working as part of a Red Team and assisting with the following duties (but not limited to):
Initial reconnaissance - open-source intelligence (OSINT) for collecting information on the targets
Initial compromise - gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target's network.
Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
Escalate privileges and maintain persistence
Exfiltrate and / or complete objectives


Research and Development Duties


Research new vulnerabilities with a focus on high-profile products
Understand the terminology and tactics employed by threat actors Research new attack methods


REQUIREMENTS:


Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
Previous Red Team experience required