We are looking for a highly skilled Security Analyst (Penetration Tester) to join one of South Africa's largest and most reputable security consulting firms, based in Pretoria. This semi-hybrid role offers a dynamic and challenging environment where you will apply your expertise to perform penetration testing, vulnerability assessments, and risk analyses across a range of systems, networks, and applications. You will play a crucial role in helping the client strengthen their security posture through advanced testing and actionable security recommendations.
Penetration Testing: Conduct advanced penetration tests across various platforms, including web applications, networks, and internal/external infrastructures, to identify vulnerabilities and weaknesses.
Vulnerability Assessments: Perform thorough vulnerability assessments and scans, identifying attack vectors and providing strategic recommendations.
Reporting and Documentation: Prepare and deliver clear, concise penetration testing reports that outline technical findings, business impact, and risk mitigation strategies.
Collaboration: Work closely with internal teams and clients to assess, document, and remediate vulnerabilities discovered during testing.
Research & Development: Stay up-to-date on emerging security trends, vulnerabilities, attack methods, and penetration testing tools. Contribute to developing internal methodologies and best practices.
Client Engagement: Effectively communicate penetration testing results to clients, providing insights into risk levels and actionable next steps for remediation.
Security Awareness: Mentor junior staff and share knowledge to foster a collaborative and continuous improvement culture within the team.
Experience: 3-5 years in penetration testing or security analysis, ideally in a consulting environment.
Technical Skills:
Hands-on experience with penetration testing tools such as Burp Suite, Kali Linux, Metasploit, Nessus, and Nmap.
Strong understanding of web application security (OWASP Top 10, SQL Injection, Cross-Site Scripting, etc.).
Expertise in network security, firewalls, IDS/IPS, VPNs, and security monitoring tools.
Proficient in scripting languages (Python, Bash, etc.) for automation and exploit development.
Familiarity with cloud environments (AWS, Azure, GCP) and securing cloud systems is a plus.
Knowledge of risk management frameworks (e.g., NIST, ISO) is beneficial.
Certifications (One or more):
Offensive Security Certified Professional (OSCP)
eLearnSecurity Certified Professional Penetration Tester (eJPT, eCPPT)
Altered Security (CRTP, CARTP, CRTE)
Practical Network Penetration Tester (PJPT, PNPT)
Additional certifications such as Certified Ethical Hacker (CEH), CompTIA Security+, CISSP, or CISM are also beneficial.
Soft Skills:
Strong analytical and problem-solving abilities.
Exceptional communication skills, capable of presenting technical findings in a clear and structured manner to both technical and non-technical audiences.
Ability to manage multiple client engagements and work independently in a fast-paced environment.
Join one of South Africa's leading security consulting firms, known for its innovative solutions and high-impact security projects.
Exposure to a diverse set of clients and cybersecurity challenges, offering immense career growth opportunities.
Access to continuous training, industry certifications, and professional development.
Competitive salary and benefits.