Ensign is hiring !
Roles and Responsibilities
- Deliver end-to-end penetration testing engagements with minimal supervision, including:
- Web application penetration testing
- Internal and external network penetration testing
- Active Directory security assessments
- Cloud and hybrid environment testing
- Mobile application penetration testing
- IOT penetration testing
- OT penetration testing
- Perform manual vulnerability discovery, validation, and exploitation beyond automated scanning.
- Identify attack paths, chain vulnerabilities, and assess real-world business impact.
- Exercise sound judgement in exploitation depth, data handling, and risk management during testing.
- Maintain clear, detailed testing notes, evidence, and attack logs to support reporting and quality review.
- Produce high-quality technical findings with accurate severity assessment and actionable remediation guidance.
- Develop structured penetration testing reports, and support client walkthroughs and debriefs.
- Engage professionally with clients during kick-off sessions, testing clarification, and results discussions.
- Participate in peer reviews of testing approaches and reports to uphold delivery quality standards.
- Continuously develop technical depth across offensive security techniques, platforms, and tooling.
- Contribute to security testing playbooks, internal knowledge sharing and peer learning.
- Where appropriate, contribute to broader offensive security initiatives, such as:
- Adversary simulation and red teaming exercises
- Custom tooling, scripting, or automation
- Internal research, labs, or capability development
Requirements
- Offensive Security Certified Professional (OSCP) is required.
- CREST Certified Registered Penetration Tester (CRT) is preferred.
- Advanced or specialist certifications such as:
- OSWE, OSEP, OSED
- MCRTA, CRTO
- eMAPT
- Approximately 3 to 5 years of hands-on penetration testing experience in consulting, internal security, or equivalent practical environments.
- Strong understanding of penetration testing methodologies, rules of engagement, and ethical hacking principles.
- Solid technical foundations in:
- TCP/IP networking and common protocols
- Windows and Linux operating systems
- Web application architecture and common vulnerability classes
- Demonstrated experience testing:
- Web applications, including authentication, authorization, and business logic flaws
- Network and infrastructure environments
- Active Directory domains
- Mobile applications
- Proficiency with common penetration testing tools (e.g. Burp Suite, Nmap, Metasploit, BloodHound).
- Experience with scripting or programming (e.g. Python, PowerShell, Bash) to support testing and automation.
- Exposure to cloud security testing (AWS, Azure, GCP) and modern identity platforms.
- Experience with post-exploitation, lateral movement, and attack path analysis.
- Demonstrated interest in expanding beyond traditional penetration testing into broader offensive security and red teaming.
- Ability to clearly communicate technical findings in written reports and verbal discussions.
- Strong professionalism, integrity, and attention to detail.