Work from Home Penetration Tester

About Company CGI is a global leader in IT and business consulting services, dedicated to helping clients succeed through the power of technology. With a rich history spanning over 45 years, we combine our extensive industry knowledge with technology expertise to deliver innovative solutions across diverse sectors including government, financial services, health, manufacturing, and utilities. In the UK, CGI has a significant presence, supporting both public and private sector organizations with critical digital transformation initiatives, managed IT services, and cutting-edge cybersecurity solutions. We are a company built on a culture of ownership, collaboration, and continuous learning, where our members (employees) are empowered to make a real impact on our clients' success and their own careers. Our commitment to quality, integrity, and client satisfaction drives everything we do, making CGI a dynamic and rewarding place to build a long-term career in technology.

Job Description

Are you a skilled Penetration Tester with a passion for uncovering vulnerabilities and securing digital landscapes? Do you thrive in an autonomous environment and excel at working remotely? CGI is seeking an experienced Work from Home Penetration Tester to join our elite cybersecurity team. In this pivotal role, you will be instrumental in protecting our clients' critical assets by identifying weaknesses in their systems, applications, and networks before malicious actors can exploit them. You'll operate from the comfort of your home office, engaging with a diverse range of clients across various industries, from public sector bodies to global enterprises. This isn't just about finding flaws; it's about providing actionable intelligence and strategic recommendations that significantly enhance our clients' security posture. You will be responsible for conducting comprehensive penetration tests, analyzing complex systems, and delivering detailed, high-quality reports. Your work will directly contribute to building a more secure digital world, impacting everything from national infrastructure to sensitive personal data. We are looking for an individual who is not only technically brilliant but also possesses excellent communication skills, capable of explaining complex technical issues to both technical and non-technical stakeholders. Join a team where your expertise is valued, your professional growth is supported, and your contributions make a tangible difference. This is an exceptional opportunity for a self-motivated cybersecurity professional to excel in a challenging yet rewarding remote role within a leading global consultancy.

Key Responsibilities

• Execute comprehensive penetration tests across various domains including network, web application, mobile application, API, and cloud infrastructure.
• Identify, exploit, and document security vulnerabilities using a variety of manual techniques and automated tools.
• Develop custom scripts and tools to automate testing processes and enhance assessment capabilities.
• Analyze test results, prioritize findings based on risk, and provide clear, actionable remediation recommendations.
• Prepare detailed, high-quality technical reports for both technical and executive audiences.
• Collaborate effectively with clients and internal teams to discuss findings, provide security advice, and support remediation efforts, all while working remotely.
• Stay current with the latest cybersecurity threats, attack techniques, and industry best practices.
• Contribute to the continuous improvement of CGI's penetration testing methodologies and service offerings.
• Maintain strict confidentiality and ethical standards throughout all testing engagements. Required Skills
• Proven experience as a Penetration Tester or Ethical Hacker.
• Proficiency with common penetration testing tools such as Kali Linux, Burp Suite, Nmap, Metasploit, Nessus, Wireshark, etc.
• Strong understanding of network protocols (TCP/IP), web technologies (HTTP/S, REST), and operating systems (Windows, Linux).
• In-depth knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and network attack vectors.
• Experience with scripting languages (e.g., Python, PowerShell, Bash) for task automation and exploit development.
• Excellent written and verbal communication skills, with the ability to articulate complex technical issues clearly.
• Relevant industry certifications such as OSCP, CEH, CREST CRT, or Cyber Scheme Team Member (CSTM).

Preferred Qualifications

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Experience with cloud security assessments (AWS, Azure, GCP).
• Familiarity with various programming languages beyond scripting (e.g., Java, C#, Go).
• Experience in red teaming or adversary simulation exercises.
• Additional advanced certifications (e.g., OSCE, SANS GIAC certifications).
• Prior consulting experience in a cl