Lead Penetration Tester

About the Role

The Lead Penetration Tester is responsible for planning, executing, and leading security assessments across KAUST's infrastructure, cloud environments, and network systems. This senior technical role combines deep expertise in offensive security methodologies with strategic leadership capabilities to identify vulnerabilities before malicious actors can exploit them.

Responsibilities

Infrastructure Penetration Testing:

• Lead and execute penetration testing engagements against enterprise infrastructure including networks, servers, Active Directory environments and on-premises systems.
• Perform advanced network penetration testing including network segmentation validation, lateral movement assessments, and privilege escalation attacks.
• Conduct wireless security assessments including rogue access point detection, WPA/WPA2/WPA3 security testing, and wireless infrastructure evaluation.
• Execute physical security assessments and social engineering campaigns when required.
• Assess the security of virtualization platforms (VMware, Hyper-V) and identify hypervisor-level vulnerabilities.

Cloud Security Penetration Testing:

• Lead cloud penetration testing engagements across major cloud platforms (Azure, SAP) including IaaS and PaaS environments.
• Assess cloud infrastructure configurations, IAM policies, network security groups, and storage security.
• Identify misconfigurations in cloud-native services including serverless functions, container orchestration (Kubernetes, EKS, AKS, GKE), and managed databases.
• Evaluate cloud identity and access management implementations and identify privilege escalation paths.
• Test hybrid cloud environments and assess the security of cloud-to-on-premises connectivity.

Red Team Operations:

• Plan and execute red team exercises simulating advanced persistent threat (APT) scenarios.
• Conduct adversary emulation exercises based on MITRE ATT&CK framework.
• Coordinate purple team exercises with the SOC and defensive teams to improve detection capabilities.

Vulnerability Research and Exploitation:

• Research and develop custom exploits for identified vulnerabilities in KAUST's environment.
• Stay current with emerging attack techniques, zero-day vulnerabilities, and offensive security research.
• Contribute to internal vulnerability research initiatives and responsible disclosure processes.
• Maintain and enhance the penetration testing toolkit and infrastructure.

Reporting and Remediation Support:

• Produce technical reports detailing findings, attack paths, and exploitation evidence.
• Develop executive-level summaries translating technical risks into business impact assessments.
• Collaborate with system owners and IT teams to validate remediation efforts through retesting.
• Present findings to technical and non-technical stakeholders including senior management.

Leadership and Mentorship:

• Provide technical leadership and mentorship to penetration testing team members.
• Develop and maintain penetration testing methodologies, standards, and playbooks.
• Conduct knowledge sharing sessions and internal training on offensive security techniques.
• Contribute to the hiring and skill development of the penetration testing team.

Qualifications

• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Relevant industry certifications required (e.g., OSCP, OSEP, OSCE, CRTO, GPEN, GXPN).
• Cloud security certifications preferred (e.g., AWS Security Specialty, Azure Security Engineer, CKS).

Required Skills

Technical Expertise:

• Infrastructure Security Testing: Expert-level proficiency in testing enterprise environments including Windows/Linux systems, Active Directory, network devices, and virtualization platforms.
• Cloud Security Assessment: Deep expertise in cloud penetration testing across AWS, Azure, and GCP including cloud-native services, IAM, and container security.
• Exploitation Development: Ability to develop custom exploits, shellcode, and payloads for identified vulnerabilities.
• Scripting and Automation: Advanced proficiency in Python, PowerShell, Bash, and other scripting languages for tool development and automation.
• Network Security: In-depth understanding of network protocols, firewalls, IDS/IPS evasion, and network-based attacks.
• Operating Systems: Expert knowledge of Windows and Linux internals, privilege escalation techniques, and post-exploitation methods.
• Container Security: Proficiency in assessing Docker, Kubernetes, and container orchestration platform security.
• Infrastructure as Code: Knowledge of IaC security assessment for Terraform, CloudFormation, and ARM templates.

Cyber Security Expertise:

• Offensive Security Methodologies: Mastery of penetration testing frameworks including PTES, OWASP, and NIST guidelines.
• Threat Intelligence: Ability to leverage threat intelligence to inform testing scenarios and adversary emulation techniques.
• MITRE ATT&CK: Expert understanding of the MITRE ATT&CK framework for adversary tactics and techniques.
• Vulnerability Assessment: Comprehensive knowledge of vulnerability identification, classification, and risk rating.

Leadership and Management Skills:

• Team Leadership: Ability to lead and coordinate penetration testing engagements and team activities.
• Project Management: Strong skills in planning, scoping, and delivering penetration testing projects.
• Mentorship: Demonstrated ability to develop and mentor junior security professionals.
• Stakeholder Management: Ability to manage relationships with technical and business stakeholders.

Business Acumen:

• Ability to articulate security risks in terms of business impact and strategic importance.
• Strong written and verbal communication skills for technical and executive audiences.
• Understanding of regulatory compliance requirements such as NIST and their implications for security testing.