Senior Penetration Tester

Senior Penetration Tester (Freelance) – EyeR Security

Location: Remote (Israel)

Engagement: Freelance / Project-based

Availability: Immediate

EyeR Security is expanding its elite offensive security team and is seeking a high-level Senior Penetration Tester to support sensitive and complex engagements across cloud, on-prem, identity, and application environments.

You will work closely with our DFIR, threat intelligence, and cloud security teams to deliver world-class testing and actionable insights for clients globally.

About the Role

We are looking for an experienced offensive security expert with deep hands-on skills and the ability to work independently on end-to-end engagements.

You will conduct active security testing across diverse infrastructures, identify exploitable weaknesses, and produce clear, high-impact reports for technical and executive stakeholders.

This role is freelance, with engagements ranging from short assessments to multi-week projects.

Responsibilities

Technical Execution

• Perform penetration testing across:

• Cloud environments (Azure, AWS, GCP)

• On-prem networks and infrastructure

• Web and mobile applications

• Identity and authentication systems (AD, Azure AD, OAuth, SAML, LDAP)

• Containers, microservices, and Kubernetes environments

• Leverage advanced offensive tooling, scripts, and custom exploits to assess resilience and impact.

• Perform red-team style adversarial simulations when required.

Assessment & Validation

• Identify vulnerabilities, misconfigurations, and weaknesses.

• Validate and exploit findings to demonstrate real-world impact.

• Provide remediation recommendations aligned with modern security practices.

Research & Innovation

• Stay up to date with emerging threats, TTPs, and novel attack vectors.

• Develop scripts, tools, and methodologies to enhance testing depth and automation.

Reporting

• Produce professional, structured technical reports and executive summaries.

• Clearly articulate risk, exploitability, business impact, and mitigation strategy.

Requirments

• 5+ years of hands-on experience in penetration testing or red teaming.

• Strong practical background with:

• Windows & Linux internals

• Network security

• Cloud security (Azure/AWS/GCP)

• Containers, Kubernetes, microservices

• Experience with Active Directory, Azure AD, identity systems, and enterprise authentication protocols.

• Strong knowledge of EDR evasion, Windows internals, and offensive tradecraft (advantage).

• High proficiency in Python, PowerShell, or similar languages for automation and tool development.

• Experience conducting testing in modern CI/CD, DevOps, or microservice-based environments.

• Ability to communicate clearly and write professional reports in English (Hebrew is a plus).

• Strong independence, problem-solving ability, and ownership of deliverables.

• Relevant certifications (OSWE, OSCP, OSEP, CREST, etc.) are an advantage.