Senior Penetration Tester – Infrastructure, Platform & Backend at Heirs Insurance Ltd

Job Overview

Location
Lagos, Lagos
Job Type
Full Time
Date Posted
3 days ago

Additional Details

Job ID
154978
Job Views
26

Job Description






About the Role




  • We are looking for an experienced Senior Penetration Tester to lead offensive security testing across our cloud-hosted digital banking platform. In this role, you will identify, validate, and exploit security vulnerabilities across cloud infrastructure, Kubernetes environments, backend services, APIs, CI/CD pipelines, and banking integrations.

  • Working closely with the Cyber Security leadership team, you will provide technical expertise that strengthens our security posture, influences remediation priorities, and helps ensure our platforms meet the highest security standards.



Key Responsibilities




  • Plan and execute penetration tests across cloud infrastructure, networks, and backend systems.

  • Assess the security of AWS cloud environments, Kubernetes clusters, IAM configurations, VPNs, firewalls, and network segmentation.

  • Perform API security testing, including authentication, authorization, encryption, and injection testing.

  • Evaluate CI/CD pipelines, container security, infrastructure-as-code, and software supply chain controls.

  • Conduct database and infrastructure security assessments.

  • Perform assumed-breach and lateral movement exercises.

  • Produce detailed penetration testing reports with risk ratings, proof-of-concept evidence, and remediation recommendations.

  • Present findings to technical and executive stakeholders.

  • Validate remediation efforts through retesting.



Required Qualifications



Experience




  • Minimum 5 years of hands-on penetration testing experience.

  • At least 3 years focused on:

  • AWS cloud security

  • Kubernetes security

  • CI/CD pipeline security

  • Infrastructure penetration testing



Technical Skills



Strong experience with:




  • AWS Security Services

  • Kubernetes Security

  • API Security Testing

  • Network Security

  • VPN Security

  • Container Security

  • Infrastructure-as-Code security

  • OWASP Testing Methodologies



Experience using tools such as:




  • Burp Suite Professional

  • Nmap

  • Metasploit

  • Nuclei

  • kubectl

  • AWS CLI

  • Checkov

  • Trivy

  • Python or Go scripting



Certifications



Required




  • Offensive Security Certified Professional (OSCP)



Highly Preferred




  • Offensive Security Experienced Penetration Tester (OSEP)

  • AWS Certified Security – Specialty

  • Certified Kubernetes Security Specialist (CKS)

  • Certified Kubernetes Application Developer (CKAD)

  • GIAC Penetration Tester (GPEN)



Preferred Experience




  • Financial Services, Banking, or FinTech environments

  • PCI-DSS and ISO 27001

  • Payment platform security

  • Cloud WAF security

  • Runtime security tools (Falco, Tetragon, Groundcover)

  • Red Team engagements

  • Multi-cloud environments



What We're Looking For



We're looking for someone who:




  • Demonstrates deep technical expertise in offensive security.

  • Can identify complex vulnerabilities beyond automated scanning.

  • Produces high-quality technical reports for both technical and executive audiences.

  • Exercises sound judgment when handling critical security findings.

  • Maintains the highest standards of professionalism and integrity.

  • Stays current with emerging attack techniques and threat intelligence.



Similar Jobs

Full Time
Full Time

Cookies

This website uses cookies to ensure you get the best experience on our website. Cookie Policy

Accept