100% Remote PENETRATION TESTER

- Role - 100% Remote PENETRATION TESTER

- Opening - 2

- Location -- REMOTE

- Duration --- 3 -- 6+ months

SENIOR CONSULTANT:

Role Overview

We are looking for a Senior Consultant to lead advanced offensive security engagements, including red teaming, application security testing, and cloud/infrastructure assessments. This role requires deep technical expertise, strong delivery ownership, and the ability to simulate real-world threat actors in mature security environments.

Key Responsibilities

- Lead end-to-end Red Team engagements using black-box and grey-box approaches: - OSINT, reconnaissance, credential harvesting

- Initial access, lateral movement, persistence, and data exfiltration scenarios

- Design and execute attack scenarios aligned with real-world threat actors (MITRE ATT&CK)

- Perform advanced Web Application Penetration Testing: - Authenticated testing, business logic abuse, API security, session/auth flaws

- Lead Infrastructure & Cloud Security Assessments (VPN security - SSL/IPSec, secure configuration validation, AWS security assessments, architecture, configurations, security controls review)

- Conduct and oversee: - Phishing simulations and credential attacks (password spraying)

- Adversary simulation exercises (Red/Blue Team)

- Support Blue Team validation by simulating realistic attack paths requiring detection & response

- Physical Security & Social Engineering Assessments: - Tailgating, impersonation, visitor-based access scenarios

- Mentor junior team members and review technical deliverables

- Produce executive-ready reports with risk-based prioritization and evidence-backed findings

- Engage with client stakeholders and support regulatory/security assurance requirements

Required Skills & Experience

- 6 10+ years in penetration testing / red teaming / adversary simulation

- Deep expertise in: - Application security (OWASP Top 10, auth, APIs, logic flaws)

- Network and infrastructure exploitation

- Active Directory attacks, credential abuse, lateral movement

- VPN and remote access security

- Cloud security (AWS preferred multi-account environments)

- Strong hands-on with: - Cobalt Strike , Burp Suite Pro, BloodHound, Mimikatz, Metasploit

- Experience working in regulated environments (financial sector preferred)

Preferred Certifications

- CISM

- OSCP, OSCE, CRTO, CISSP (highly desirable)

Leadership & Delivery Expectations

- Ability to lead complex, multi-layered engagements independently

- Strong stakeholder communication and reporting skills

- Ability to align testing outcomes with regulatory and risk-based objectives

Good to Have

- Experience with: - Physical security assessments & social engineering

- Tabletop exercises (TTX) and cyber resilience validation

- O365 security testing

GAURAV GAUR

Team Lead Recruitment

DMS VISIONS INC.

972-645-9280 | dmsvisions.com/

[email protected]

4645 Avon Ln, Suite 210, Frisco, Texas 75033, US