Senior Security Consultant

Overview

We’re looking for a Senior Security Consultant to lead our penetration testing team. This is a hands-on leadership role, where you’ll be assessing and mentoring a team of security consultants to efficiently drive project delivery, contributing to business development efforts in the event.

Key Responsibilities

– Team Leadership & Mentorship

Lead and mentor a team of penetration testers with varying skill levels. As a senior security consultant, you’ll be responsible for the technical growth, work quality, and professional development within your team. Your core responsibilities in this regard will include conducting technical reviews of assessment deliverables, offering guidance and support on complex testing scenarios, and ensuring consistent methodology across engagements. You will be expected to hold one-on-one meetings with regular performance reviews as felt applicable.

– Security Assessments & Red Team Operations

Conduct and oversee comprehensive security assessments that include:

• Web, mobile, API, and Thick client penetration testing
• Network penetration testing for internal, external, and wireless networks
• Cloud security configuration reviews, covering for AWS, Azure, GCP, and M365
• Review network device and infrastructure configuration
• Analyze source code reviews and secure code
• Engage with Red team and adversary simulation
• Assess social engineering and phishing attempts
• You’ll handle the complex engagements personally while delegating and supervising routine assessments across the team.
  
  

– Client Engagement & Pre-Sales

• Serve as the senior technical point of contact for clients during engagements
• Lead kickoff calls, provide status updates, and present findings through common presentation and video conferencing tools
• Communicate technical vulnerabilities into business risk for executive audiences
• Offer support for sales efforts by engaging in pre-sales calls, scoping engagements, developing effort estimates, and contributing to proposal development
• You should possess expertise in accurately sizing a project and communicate value to prospective clients
  
  

– Project Coordination

Work in close proximity with the Project Management team on resource allocation, timeline management, and delivery coordination
Balance team workload across concurrent projects, simultaneously maintaining quality and meeting deadlines

– Process & Tooling

Develop and maintain internal tools, scripts, and automation to improve assessment efficiency and consistency
Contribute to preparing methodology documentation, reporting templates, and the team’s technical knowledge base
What We’re Looking For

– Experience

Hands-on experience (5 years) in vulnerability assessment and penetration testing, demonstrating progress into senior or lead roles. You’ve delivered assessments across diverse industries and can very well and independently handle enterprise-scale engagements

Prior experience in a consulting or professional services environment is strongly preferred. You know how to handle project-based delivery, client management, and the business side of security services

–Certifications

OSCP (mandatory)
Additional certifications in OSWE, OSEP, CRTO, GPEN, or GXPN would be an added bonus

– Technical Skills

Demonstrate expertise in manual penetration testing techniques across web applications, networks, APIs, mobile platforms, and cloud environments. Should be able to comfortably handle:

• Standard offensive tools, such as Burp Suite, Nmap, Metasploit, Cobalt Strike, Bloodhound, etc
• Cloud platforms (AWS, Azure, GCP, and M365) and their security configurations
• Network device configuration review (firewalls, routers, switches)
• Static and dynamic analysis tools for source code review
• Scripting & Tool Development
• Strong scripting skills in Python and Bash are required. You should be capable of writing custom tools, automating repetitive tasks, modifying existing exploits, and building internal utilities. Experience in PowerShell and at least one compiled language (Go, C#, C++) is preferred
  
  

– Frameworks & Standards

Demonstrate a solid working knowledge of security testing methodologies and compliance standards, including OWASP Testing Guide, PTES, MITRE ATT&CK, NIST CSF, CIS Controls, and relevant compliance frameworks (ISO 27001, PCI DSS, SOC 2, HIPAA, GDPR).

– Communication

• Excellent written and verbal communication skills
• Should be able to write clear, actionable reports, present findings to both technical and non-technical audiences, and hold your own in client-facing discussions
• Strong English proficiency is a prime requisite in this regard
  
  

– Leadership

Demonstrated ability to lead technical teams, mentor junior staff, and maintain accountability for team output. You’re comfortable providing constructive feedback, conducting technical reviews, and making decisions under pressure.

Preferred Qualifications

• Experience with DevSecOps, CI/CD pipeline security, or container security (Docker, Kubernetes)
• A formidable background in software development or system administration
• Familiarity with threat intelligence and adversary emulation frameworks
• Experience building or contributing to security training programs
  

What We Offer

• Competitive compensation with performance-based incentives
• Support for professional certifications and continuous learning
• Flexible work arrangements
• Exposure to diverse industries and challenging engagements
• Collaborative team environment with room for growth
  
  

How To Apply

Submit your resume that highlights relevant experience, certifications, and notable engagements. Include a brief note on why you’re interested in this role. This should equally consider offering explanations for why we should consider hiring you.

We look forward to engaging with you and becoming a part of our growing team of cybersecurity experts and pentesters. Step into this challenging, high-impact, and rewarding Senior Security Consultant role with Wattlecorp.