Job Description
Ensign is hiring !
Key Responsibilities
1. Penetration Testing & Security Assessments
Conduct penetration testing on:
Web applications (OWASP Top 10)
Mobile applications (iOS / Android)
Internal and external networks
APIs and web services
Cloud environments (AWS, Azure, GCP)
Perform vulnerability assessments using automated and manual techniques.
Simulate real-world attack scenarios including privilege escalation and lateral movement.
2. Exploitation & Validation
Identify and exploit security weaknesses in systems and applications.
Develop proof-of-concept (PoC) exploits to validate findings.
Assess impact and risk severity of vulnerabilities discovered.
3. Reporting & Documentation
Prepare detailed penetration testing reports including:
Executive summary
Technical findings
Risk ratings
Remediation recommendations
Present findings to technical teams and management.
Provide remediation validation (retest) services.
4. Tools & Techniques
Utilize industry tools such as:
Burp Suite
Metasploit
Nmap
Nessus / OpenVAS
Wireshark
SQLmap
Kali Linux toolsets
Develop custom scripts (Python, Bash, PowerShell) where necessary.
Stay updated on latest attack techniques, CVEs, and threat trends.
5. Compliance & Standards
Conduct testing aligned with:
OWASP Testing Guide
PTES (Penetration Testing Execution Standard)
NIST frameworks
ISO 27001 controls
Support compliance-driven assessments (e.g., PCI-DSS).
Requirements
Bachelor’s Degree in Cybersecurity, Computer Science, IT, or related field.
Experience
2–5 years of experience in penetration testing or offensive security.
Hands-on experience conducting web and network penetration tests.
Experience preparing formal penetration testing reports.
(Senior level: 5+ years with leadership or project ownership experience.)