Location:
Lagos, Lagos
Contract Type:
Full Time
Experience Required:
5 to 10 years
Education Level:
Bachelor
Job Description
We are seeking a skilled and driven penetration tester with a hacker mindset to proactively Simulate real world attacks to identify, assess and exploit security vulnerabilities. You’ll be part of a fast-paced security team, expected to think like an adversary while maintaining ethical standards and compliance. You must be capable of both automated and manual testing, custom script writing, and producing detailed yet understandable reports.
Key Responsibilities
• Conduct black-box, gray-box, and white-box penetration tests on: organization’s Web apps, Mobile apps, APIs.
• Perform social engineering and phishing simulation campaigns
• Develop and execute custom exploits where necessary
• Document proof-of-concept exploits and provide risk-ranked findings
• Conduct red team exercises simulating advanced persistent threats (APT)
• Analyze security findings from Hacker One and recreate vulnerabilities
• Collaborate with developers, Appsec Team, DevOps, and product teams to provide remediation guidance
• Stay current on CVEs, exploits, hacker tools, and threat actor techniques (TTPs)
• Weekly updates and debriefs with stakeholders
• Manual Application and Api Penetration testing based on Owasp top 10 (Mobile,Web,Api)
Minimum Requirements
• Proven experience in offensive security or ethical hacking
• Demonstrated history with Bug Bounty programs or CTF competitions
• Deep understanding of web technologies, cloud platforms, and modern infrastructure
• Ability to write and explain exploits or security PoCs clearly
• Strong report writing and communication skills
Tools and Platforms (it’s expected to have a knowledge of how to use at least one of each of the listed tools)
• Burp Suite, OWASP ZAP, Nmap,
• Mobile security tools: MobSF, Frida, jadx, Objection, genny motion, Andriod studio.
• Kali Linux, Parrot OS, custom scripts in Python, Bash, PowerShell.
• Postman, for API testing
Security Standards & Compliance
• OWASP Top 10 (Web, API, Mobile)
• CIS Benchmarks
• NIST 800-53, ISO/IEC 27001
Preferred Qualifications
• CEH, OSCP, OSCE, GPEN, or similar certifications
• Experience working in CI/CD environments and with DevSecOps teams
• Programming or scripting experience (Python, JavaScript, Nodejs, php, Go, Bash)
Key Responsibilities
• Conduct black-box, gray-box, and white-box penetration tests on: organization’s Web apps, Mobile apps, APIs.
• Perform social engineering and phishing simulation campaigns
• Develop and execute custom exploits where necessary
• Document proof-of-concept exploits and provide risk-ranked findings
• Conduct red team exercises simulating advanced persistent threats (APT)
• Analyze security findings from Hacker One and recreate vulnerabilities
• Collaborate with developers, Appsec Team, DevOps, and product teams to provide remediation guidance
• Stay current on CVEs, exploits, hacker tools, and threat actor techniques (TTPs)
• Weekly updates and debriefs with stakeholders
• Manual Application and Api Penetration testing based on Owasp top 10 (Mobile,Web,Api)
Minimum Requirements
• Proven experience in offensive security or ethical hacking
• Demonstrated history with Bug Bounty programs or CTF competitions
• Deep understanding of web technologies, cloud platforms, and modern infrastructure
• Ability to write and explain exploits or security PoCs clearly
• Strong report writing and communication skills
Tools and Platforms (it’s expected to have a knowledge of how to use at least one of each of the listed tools)
• Burp Suite, OWASP ZAP, Nmap,
• Mobile security tools: MobSF, Frida, jadx, Objection, genny motion, Andriod studio.
• Kali Linux, Parrot OS, custom scripts in Python, Bash, PowerShell.
• Postman, for API testing
Security Standards & Compliance
• OWASP Top 10 (Web, API, Mobile)
• CIS Benchmarks
• NIST 800-53, ISO/IEC 27001
Preferred Qualifications
• CEH, OSCP, OSCE, GPEN, or similar certifications
• Experience working in CI/CD environments and with DevSecOps teams
• Programming or scripting experience (Python, JavaScript, Nodejs, php, Go, Bash)
Number of vacancies:
31
Company Description
Growth in Value Alliance (GV Alliance) Partners is a business advisory and market intelligence services firm. Our objectives are to assist organizations to achieve their growth aspirations by providing market intelligence, strategy blueprint, IT solution delivery expertise and business operation improvement capabilities.
View Company Profile
