Overview: We are seeking an experienced and highly skilled Senior Supervisor in Security Testing to lead and execute comprehensive penetration testing activities across a variety of platforms, including network infrastructure, web and mobile applications, cloud environments, and enterprise systems. This role is critical in identifying and mitigating vulnerabilities through full\-scope assessments, including discovery, exploitation, and secure coding analysis. Key Responsibilities: * Perform advanced penetration testing across diverse environments including: + Web and Mobile Applications (iOS, Android) + Network Infrastructure + Active Directory and internal enterprise systems + Cloud platforms (AWS, Azure, GCP) + IoT, Firmware, and APIs * Utilize leading penetration testing and security tools such as: + Burp Suite Pro (with plugin integrations), Metasploit, Nmap, Nessus, Acunetix, Cobalt Strike * Apply offensive security techniques, red teaming methodologies, and frameworks such as: + OWASP Top 10, MITRE ATT\&CK, PTES, NIST SP 800\-115 * Conduct reverse engineering of mobile apps including obfuscated and anti\-emulator protected apps. * Perform secure code reviews and design\-level application security assessments across technologies including: + Web services (REST/SOAP), SaaS platforms, thick clients, and microservices. * Develop and deliver clear, concise technical and executive\-level reporting and presentations. * Simulate real\-world attack scenarios to assess and improve detection and response capabilities. * Collaborate with development, architecture, and risk teams to recommend and validate mitigation strategies. Required Qualifications: * Bachelors degree in Computer Science, Cybersecurity, or a related technical field. * Minimum of 4 years hands\-on experience in penetration testing or offensive security roles. * Strong knowledge of security testing methodologies and manual testing techniques. * Practical experience in red teaming and offensive testing of: + Web applications, Mobile apps, Infrastructure, Cloud, and AD environments. * Familiarity with scripting and automation tools for offensive security (Python, Bash, PowerShell, etc.). Preferred Skills \& Experience: * Expertise in tools like: + Burp Suite Pro (with BApp Store plugins), Cobalt Strike, Metasploit, OWASP ZAP, Nmap, Nessus, Wireshark * Experience with reverse engineering, mobile application security bypass, and dynamic analysis. * Familiarity with secure SDLC, DevSecOps, and CI/CD security integration. * Exposure to threat modeling, fuzzing, and static/dynamic application security testing (SAST/DAST). * Programming/Scripting: Python, JavaScript, Java, C/C\+\+, C\#, Bash, PowerShell, or Assembly. Certifications (Preferred): * One or more of the following are strongly desired: + OSCP, OSWE, OSCE, OSEP + GWAPT, GMOB, eWPT, eMAPT, eCPTX + CEH, CISSP, GIAC GPEN/GXPN, GREM **Contrat** ----------- CDI