Senior Penetration Tester

Position Description:

CGI is seeking a highly skilled and experienced Senior Penetration Tester to join our dynamic and growing Cybersecurity practice. This is an opportunity for an experienced penetration tester to join one of the largest groups of cyber security specialists. The successful candidate will be a key technical leader responsible for delivering comprehensive security assessments and acting as a trusted advisor to our clients in North America. You will leverage your extensive expertise to uncover critical vulnerabilities across complex infrastructures applications and networks helping our clients bolster their security posture against sophisticated threats by conducting comprehensive penetration testing and vulnerability assessments for a wide range of clients across various sectors including government finance and critical infrastructure. You will play a crucial role in helping our clients identify and mitigate security risks ensuring the integrity and resilience of their IT systems.
This is a strategic role that requires not only deep technical prowess but also exceptional communication skills to effectively interface with clients articulate risk and provide actionable remediation guidance.
Job Title: Senior Penetration Tester
Position: Lead Analyst
Experience: 6 yrs
Category: Networking
Main location: Bangalore
Position ID: J0326-1673

Key Responsibilities

. Lead and Execute Advanced Security Assessments: Independently plan and perform a wide range of penetration tests including:
. Infrastructure Penetration Testing (Internal and External)
. Web and Mobile Application Penetration Testing
. Network Penetration Testing (Wired and Wireless)
. Cloud Security Assessments (AWS Azure GCP)
. Red Team and Adversary Simulation Exercises
. Client Communication and Advisory: Serve as a primary technical point of contact for clients. Clearly and effectively communicate findings potential business impact and strategic remediation roadmaps to stakeholders ranging from technical teams to executive leadership.
. Comprehensive Reporting: Develop detailed high-quality reports that are tailored to the audience. Ensure findings are well-documented with clear repeatable steps and actionable recommendations.
. Methodology Development: Contribute to the refinement and advancement of CGIs penetration testing methodologies tools and practices.
. Mentorship: Act as a mentor and technical escalation point for junior and mid-level testers fostering a culture of technical excellence and continuous learning.
. Security Research: Stay up-to-date with the latest security threats vulnerabilities and attack vectors and contribute to the continuous improvement of our testing methodologies.

Required Skills and Qualifications

. Experience:
. A minimum of 15 years of overall experience in the Information Technology field.
. A minimum of 10 years of dedicated hands-on and relevant experience in penetration testing.
. Education: Bachelors or Postgraduate degree in Computer Science Information Security Cyber Security or a related field.
. Client-Facing Skills: Proven ability to communicate effectively and professionally with clients is mandatory. Must possess strong presentation skills and the ability to build trusted relationships.
. Technical Proficiency:
. Expert-level understanding of OWASP Top 10 SANS Top 25 and other security frameworks.
. Mastery of penetration testing tools and frameworks (e.g. Burp Suite Pro Metasploit Cobalt Strike Nmap Wireshark).
. Advanced proficiency in scripting and programming languages (e.g. Python PowerShell Bash C#).
. Deep knowledge of network protocols operating system internals (Windows/Linux) and Active Directory security.
. Certifications: Possession of industry-leading certifications is highly desirable such as:
. Offensive Security Certified Professional (OSCP) / Offensive Security Certified Expert (OSCE)
. CREST Certified Infrastructure Tester (CCT INF) / CREST Certified Web Application Tester (CCT APP)
. GIAC Penetration Tester (GPEN) / GIAC Web Application Penetration Tester (GWAPT) / GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
. Work Schedule: Must be willing and able to work during Canada / US business hours to support North American clients.

Desired Skills

. Experience with social engineering phishing campaigns and physical penetration testing.
. Experience with reverse engineering malware analysis or exploit development.
. Familiarity with security standards and frameworks (e.g. ISO 27001 NIST).
. Experience in a consulting or client-facing role.
LI-AA13

Skills:

• Infrastructure architecture
• Security Audit

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our teamone of the largest IT and business consulting services firms in the world.