ISG

Pentesting, Ethical Hacker

ISG

full-time

Posted on:

Location Type: Remote

Location: Colombia

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureCloudCyber SecurityLinuxPythonSDLC

About the role

  • Act as a primary point of contact between penetration testing teams, internal stakeholders, and external clients.
  • Coordinate and schedule penetration testing engagements, ensuring alignment with business objectives and regulatory requirements.
  • Maintain documentation related to penetration testing activities, including scope definitions, engagement tracking, and risk assessments.
  • Ensure all penetration testing reports and findings are effectively communicated to relevant teams and stakeholders.
  • Monitor and schedule remediation efforts following penetration tests and track progress until closure.
  • Prepare and deliver final pentest reports to clients.
  • Assist in the development and refinement of penetration testing policies, procedures, and methodologies.
  • Support compliance efforts by ensuring testing activities align with frameworks such as SOC2, NIST, ISO 27001, PCI DSS, and other relevant regulations.
  • Collaborate with cybersecurity, IT, and development teams to integrate security best practices into the software development lifecycle (SDLC).
  • Identify and escalate operational challenges, process gaps, or resource needs related to penetration testing activities.
  • Provide reporting and metrics on penetration testing engagements, including key performance indicators (KPIs) and remediation progress.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • 3+ years of experience in penetration testing coordination, cybersecurity operations, or a related role.
  • Familiarity with penetration testing methodologies (OWASP, PTES, NIST SP 800-115, etc.).
  • Strong understanding of vulnerability management and risk assessment principles.
  • Excellent communication and stakeholder management skills, with the ability to translate technical findings into business impact.
  • Experience with penetration testing tools such as Burp Suite, Metasploit, Nessus, Active Directory, Bloodhound, netexec, certipy, kali Linux, python, bash, recon, OSINT, VPN, cloud Azure, AWS, and GPC. Code review and Nmap are a plus.
  • Experience with project management software, such as Asana or others.
  • Strong organizational skills and ability to manage multiple testing engagements simultaneously.
  • Certified in any of the following: CPTS, PNPT, CBBH, CRTO, CEH, CAPE, Security+
  • Bilingual in Spanish is a plus.
Benefits
  • Flexible Paid Time Off and paid holidays
  • Performance Bonuses
  • 100% Remote
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
penetration testingvulnerability managementrisk assessmentproject managementcommunicationstakeholder managementsoftware development lifecyclereportingmetricscode review
Soft Skills
excellent communicationorganizational skillsability to manage multiple engagementstranslating technical findingscollaborationproblem-solvingescalation of challengesstakeholder engagementteam coordinationadaptability
Certifications
CPTSPNPTCBBHCRTOCEHCAPESecurity+