Senior Penetration Tester - Remote Opportunity

About the Role

We are seeking a Senior Penetration Tester to join our dynamic team at phew. This remote penetration tester role offers the chance to work with a variety of clients, from innovative SaaS startups to critical infrastructure providers. As a Senior Penetration Tester, you will play a vital role in enhancing the security posture of our clients through comprehensive testing and assessments.

What You'll Do

• Conduct penetration testing across web, mobile, and API targets for diverse clients and projects.
• Perform network and infrastructure security assessments, including wired, wireless, internal, and external evaluations.
• Mentor junior team members, providing guidance and support in their professional development.
• Engage directly with clients throughout the engagement lifecycle, guiding the testing strategy and providing actionable advice.
• Contribute to the team’s security assurance strategies, tools, and methodologies to ensure effective outcomes.
• Integrate security assurance activities within client and internal projects.

Requirements

• 3+ years of full-time penetration testing experience.
• Certifications in OSCP or equivalent (OSWE, OSCE preferred) and other relevant certifications from Offensive Security, GIAC, or CREST.
• A strong track record in security research or bug bounty activities, with verifiable achievements such as CVE credits for high severity vulnerabilities.
• Participation in reputable CTFs or recognized bug bounty programs.
• Ability to self-manage and deliver clear, high-quality reports.
• Strong communication skills to convey security concepts and findings to both internal and external stakeholders.
• In-depth knowledge and experience with penetration testing frameworks, tools, and methodologies, such as OWASP, NIST, Burp Suite, and Kali Linux.

Nice to Have

• Experience in security assurance strategies and methodologies.
• Familiarity with cloud security practices.

What We Offer

• Real growth opportunities and the ability to shape your role and the strategies of the testing team.
• A collaborative work environment with a focus on knowledge sharing.
• Hands-on exposure to diverse targets and projects, with plenty of autonomy.
• Structured security research time that grows with seniority and experience.
• Strong focus on upskilling and certification support through study leave and course costs.
• Modern work culture with flexibility for remote work and time in our central Auckland office.

If you are an experienced, ambitious Penetration Tester looking for a rare opportunity in an exciting and innovative Kiwi cybersecurity organization, please get in touch for a confidential conversation. We can assist with work visa sponsorship for suitably qualified candidates planning a move to New Zealand.