Penetration Tester (Group Tech - Information Security)

Description
The Senior Penetration Tester is responsible for identifying, validating, and clearly communicating security vulnerabilities across Investec's applications, APIs, cloud-hosted services, and supporting infrastructure.
The primary focus of the role is application security and penetration testing of modern web applications, APIs, and services deployed in Azure. The role also requires a strong understanding of identity and access attack paths, including Active Directory, Microsoft Entra ID, authentication flows, privilege escalation, and related cloud identity risks.
The role works closely with development teams, platform teams, architects, and security stakeholders to plan and execute assessments, explain real-world risk, and support effective remediation. The successful candidate will combine hands-on offensive security testing with practical engineering enablement, helping teams improve security while supporting delivery.
Red team and adversary simu...