🛠 Tech Stack

💼 About This Role

You'll lead penetration testing for Sophos clients, identifying and exploiting vulnerabilities. You'll produce professional security assessment reports and conduct client calls. This role focuses on either application or network security, with room to grow as a service owner.

🎯 What You'll Do

• Conduct application security assessments (web, mobile, API) using exploitation tools.
• Produce professional security assessment reports with vulnerability details.
• Lead client conference calls for kick-off, findings, and close-out.
• Perform exploitation testing and document findings for remediation.

📋 Requirements

• 5+ years of web application or penetration testing experience.
• Native-level Japanese language skills (business-level minimum).
• Experience with Nmap, Metasploit, Kali Linux, or Burp Suite.
• Knowledge of OWASP Top 10 and common vulnerabilities.

✨ Nice to Have

• Offensive certifications such as GPEN, GWAPT, OSCP.
• Experience with Windows Active Directory or cloud services (AWS/Azure/GCP).
• Business-level English language skills.

🎁 Benefits & Perks

• 🌍 Remote work in Japan.
• 📈 Professional growth through leading services and mentoring juniors.
• 💡 Cutting-edge tools and threat intelligence from Sophos X-Ops.
• 🏢 Global leader in cybersecurity.