Pentester

Nmap Metasploit Descripción del empleo

Do you want to participate in advanced offensive security assessments? The GMV Technical Audits team is looking for you!, As a Senior Pentester, you will not only execute technical assessments but also design realistic attack scenarios based on MITRE ATT&CK TTPs and lead audit projects, helping organizations understand how they could be compromised before a real attacker does. You will work on web and mobile applications, network infrastructures, Wi-Fi networks, cloud environments (AWS, Azure, GCP), Active Directory and AI-based systems. You will also participate in Red Team and Purple Team exercises, simulating real attacks and collaborating with Blue Team professionals to improve threat detection and response capabilities. DAY-TO-DAY RESPONSIBILITIES

• Execute and lead penetration tests in complex corporate environments.
• Participate in Red Team exercises, applying evasion techniques against EDR, XDR, WAF and antivirus solutions.
• Identify vulnerabilities, analyze their impact and propose effective mitigation strategies.
• Develop or adapt offensive tools and automations using Python, Bash or PowerShell.
• Produce clear technical and executive reports focused on risk.
• Present findings to both technical and business audiences.
• Manage technical audit projects, coordinating scope, timelines and deliverables.

GMV is looking for a Senior Pentester to conduct advanced offensive security assessments. This role involves executing penetration tests across various environments, leading Red Team exercises, and designing attack scenarios based on frameworks like MITRE ATT&CK. The successful candidate will have over 5 years of experience in the field and relevant certifications. Benefits include a competitive salary, hybrid work model, and a personalized career development plan., * 5+ years of experience in penetration testing across various platforms.

• Experience designing and executing Red Team attacks.
• Strong knowledge of frameworks like MITRE ATT&CK.

Responsabilidades

• Lead and execute penetration tests in complex environments.
• Develop offensive automation tools using scripting.
• Produce and present technical risk reports.

Conocimientos

Penetration testing Red Team operations Scripting (Python, Bash, PowerShell) Report writing Communication skills, * 5+ years of experience in penetration testing (web, mobile, network, cloud, Active Directory, Wi-Fi).

• Experience in Red Team operations designing and executing simulated attacks.
• Advanced knowledge of tools such as Burp Suite, Nmap, Metasploit or C2 frameworks.
• Ability to automate offensive tasks through scripting (Python, Bash or PowerShell).
• Experience producing technical and executive reports focused on risk.
• Strong communication skills and ability to present results clearly.
• Experience managing cybersecurity or technical audit projects.
• Offensive certifications such as OSCP, OSEP, OSWE, eCPPT, CRTP or equivalent.
• Knowledge of frameworks and methodologies such as PTES, MITRE ATT&CK or OWASP.
• Experience assessing security in AI or LLM-based systems (OWASP Top 10 for LLMs).

Personalized career development plan Relocation package Health and dental insurance, * Hybrid work model and up to 8 weeks per year of remote work outside your usual geographical area.

• Flexible working hours and intensive working days on Fridays and during summer.
• A personalized career development plan, training opportunities and language learning support.
• National and international mobility. Coming from another country? We offer a relocation package.
• Competitive salary with continuous reviews, flexible compensation and brand discounts.
• Wellbeing program: health, dental and accident insurance; free fruit and coffee; physical, mental and financial wellbeing initiatives.

GMV Tres Cantos Híbrido EUR 55.000 - 70.000 Jornada completa Hace 25 días Recibe más respuestas de empleadores