Ensign InfoSecurity

Consultant, Security Testing and Red Teaming

Singapore Full time

Ensign is hiring!

Roles and Responsibilities

  • Deliver end-to-end penetration testing engagements with minimal supervision, including:
    • Web application penetration testing
    • Internal and external network penetration testing
    • Active Directory security assessments
    • Cloud and hybrid environment testing
    • Mobile application penetration testing
    • IoT penetration testing
    • OT penetration testing
  • Perform manual vulnerability discovery, validation, and exploitation beyond automated scanning.
  • Identify attack paths, chain vulnerabilities, and assess real-world business impact.
  • Exercise sound judgement in exploitation depth, data handling, and risk management during testing.
  • Maintain clear, detailed testing notes, evidence, and attack logs to support reporting and quality review.
  • Produce high-quality technical findings with accurate severity assessment and actionable remediation guidance.
  • Develop structured penetration testing reports, and support client walkthroughs and debriefs.
  • Engage professionally with clients during kick-off sessions, testing clarification, and results discussions.
  • Participate in peer reviews of testing approaches and reports to uphold delivery quality standards.
  • Continuously develop technical depth across offensive security techniques, platforms, and tooling.
  • Contribute to security testing playbooks, internal knowledge sharing and peer learning.
  • Where appropriate, contribute to broader offensive security initiatives, such as:
    • Adversary simulation and red teaming exercises
    • Custom tooling, scripting, or automation
    • Internal research, labs, or capability development

Requirements

  • Offensive Security Certified Professional (OSCP) is required.
  • CREST Certified Registered Penetration Tester (CRT) is preferred.
  • Advanced or specialist certifications such as:
    • OSWE, OSEP, OSED
    • MCRTA, CRTO
    • eMAPT
  • Approximately 3 to 5 years of hands-on penetration testing experience in consulting, internal security, or equivalent practical environments.
  • Strong understanding of penetration testing methodologies, rules of engagement, and ethical hacking principles.
  • Solid technical foundations in:
    • TCP/IP networking and common protocols
    • Windows and Linux operating systems
    • Web application architecture and common vulnerability classes
  • Demonstrated experience testing:
    • Web applications, including authentication, authorization, and business logic flaws
    • Network and infrastructure environments
    • Active Directory domains
    • Mobile applications
  • Proficiency with common penetration testing tools (e.g. Burp Suite, Nmap, Metasploit, BloodHound).
  • Experience with scripting or programming (e.g. Python, PowerShell, Bash) to support testing and automation.
  • Exposure to cloud security testing (AWS, Azure, GCP) and modern identity platforms.
  • Experience with post-exploitation, lateral movement, and attack path analysis.
  • Demonstrated interest in expanding beyond traditional penetration testing into broader offensive security and red teaming.
  • Ability to clearly communicate technical findings in written reports and verbal discussions.
  • Strong professionalism, integrity, and attention to detail.