Pentest Lead
Job Functions
Penetration Testing, GRC, Cybersecurity
Job Summary
The Pentest Lead drives offensive testing engagements and contributes to defensive security practices. You will lead penetration testing efforts, support GRC-aligned assessments, and validate controls across a range of standards including ISO 27001, SOC 2, PCI-DSS, and VARA. You will also contribute to documentation and reporting for business stakeholders.
Key Responsibilities
Lead and execute advanced penetration testing and vulnerability assessment engagements
Coordinate with defensive teams to validate control effectiveness
Conduct GRC-driven testing aligned with compliance standards (ISO 27001, SOC 2, PCI-DSS, VARA)
Prepare and deliver detailed findings to technical teams and C-level stakeholders
Document testing activities clearly and communicate risk effectively
Guide and mentor junior penetration testers
Requirements
Knowledge & Experience
5+ years of hands-on penetration testing experience
Strong working knowledge of GRC frameworks and defensive security practices
Ability to deliver clear, executive-ready reports
Strong documentation and communication skills
Education & Background
Bachelor’s degree in Cybersecurity, Information Security, or related field
Relevant certifications are a plus