Cybersecurity Consultant (Penetration Tester)

Thales is a global technology leader trusted by governments institutions and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of aerospace and space cybersecurity and digital identity were driven by a mission to build a future we can all trust.

Job Purpose

The Penetration Tester is responsible for identifying security weaknesses through authorized offensive security testing. The role involves conducting penetration tests across web & mobile applications infrastructure and networks validating real-world risks and providing actionable remediation guidance to improve the organizations security posture.

Key Responsibilities

Penetration Testing & Security Assessment

• Conduct penetration testing on:
  • Web applications
  • APIs
  • Internal and external networks
  • Cloud environments
  • Wireless networks (as applicable)
• Perform manual and automated security testing
• Simulate real-world attack scenarios to assess exploitability and impact
• Identify validate and exploit vulnerabilities in a controlled and ethical manner
• Participate in red team / purple team exercises (where applicable)

Analysis & Risk Evaluation

• Analyze findings to determine:
  • Business impact
  • Risk severity
  • Likelihood of exploitation
• Map vulnerabilities to industry standards (OWASP MITRE ATT&CK CVSS)
• Provide practical prioritized remediation recommendations

Reporting & Communication

• Produce clear high-quality deliverables:
  • Executive summaries
  • Technical vulnerability reports
  • Proof-of-concept evidence
• Present findings to technical teams management and stakeholders
• Support remediation validation and retesting

Collaboration & Improvement

• Work with development infrastructure and security teams to improve security controls
• Contribute to tool development scripts and testing methodologies
• Stay current with emerging threats vulnerabilities and exploitation techniques

Required Skills & Qualifications:

Education

• Bachelors degree in:
  • Computer Science
  • Information Security
  • Information Technology
    or equivalent practical experience (at least 2 years of experience as penetration tester)

Technical Skills

• Strong understanding of:
  • Networking (TCP/IP DNS HTTP/S VPNs)
  • Operating systems (Linux & Windows)
  • Web application architecture
• Hands-on experience with vulnerabilities including:
  • OWASP Top 10
  • Authentication & authorization flaws
  • Injection XSS CSRF SSRF
  • Misconfigurations and insecure APIs
• Proficiency with penetration testing tools such as:
  • Burp Suite
  • Nmap
  • Metasploit
  • Nessus / OpenVAS
  • Nikto
• Scripting / automation skills in at least one:
  • Python
  • Bash
  • PowerShell
  • JavaScript

Preferred / Nice-to-Have:

• Experience with:
  • Familiar with VAPT Framework OWASP WSTGMSTG OSSTM etc.
  • Cloud penetration testing (AWS Azure GCP)
  • Mobile application security (Android / iOS)
  • Source code review
• Knowledge of:
  • Secure SDLC
  • DevSecOps practices
• Industry certifications (one or more preferred):
  • OSCP
  • eWPT / eWPTX
  • GWAPT
  • CEH
• Experience in regulated industries (banking aviation government healthcare)

Personal Attributes

• Strong analytical and problem-solving skills
• Ethical mindset and respect for confidentiality
• Excellent written and verbal communication
• Ability to work independently and in teams
• Detail-oriented with a strong sense of responsibility

At Thales were committed to fostering a workplace where respect trust collaboration and passion drive everything we do. Here youll feel empowered to bring your best self thrive in a supportive culture and love the work you do. Join us and be part of a team reimagining technology to create solutions that truly make a difference for a safer greener and more inclusive world.