Red Team Penetration Tester in Lahore Gulberg Colony, Punjab at ACE Money Transfer
NewJob Function: Information TechnologyEmployment Type: Full-Time
ACE Money Transfer
Lahore Gulberg Colony, Punjab, 54660, Pakistan
Posted on
New job! Apply early to increase your chances of getting hired.
Explore Related Opportunities
Job Description
About Us:
ACE Money Transfer is a UK-based company headquartered in Manchester, United Kingdom. The company is an online remittance service provider for customers in the UK, Canada, Australia, and the European Union, including Switzerland. The company is a parent company in a group of companies with a diversified portfolio, including digital wallet services in the UK and real estate, advertising businesses, and software solutions in Pakistan.
ROLE OVERVIEW
Responsible for conducting structured adversarial simulations and technical penetration tests across ACE Money Transfer's application, infrastructure, cloud, and identity environments. Operating under a PTES-aligned methodology, the role identifies security weaknesses before threat actors can exploit them and produces high-quality findings that directly inform ACE's remediation priorities and security roadmap.
KEY RESPONSIBILITIES
REQUIRED SKILLS & EXPERIENCE:
DESIRABLE
ACE Money Transfer is a UK-based company headquartered in Manchester, United Kingdom. The company is an online remittance service provider for customers in the UK, Canada, Australia, and the European Union, including Switzerland. The company is a parent company in a group of companies with a diversified portfolio, including digital wallet services in the UK and real estate, advertising businesses, and software solutions in Pakistan.
ROLE OVERVIEW
Responsible for conducting structured adversarial simulations and technical penetration tests across ACE Money Transfer's application, infrastructure, cloud, and identity environments. Operating under a PTES-aligned methodology, the role identifies security weaknesses before threat actors can exploit them and produces high-quality findings that directly inform ACE's remediation priorities and security roadmap.
KEY RESPONSIBILITIES
- Plan and execute penetration tests across web applications, internal/external infrastructure, cloud (cloud platform), M365, and identity (Identity platform) environments
- Conduct adversarial simulations following the PTES methodology: Pre-Engagement, OSINT, Threat Modelling, Exploitation, Post-Exploitation, and Reporting
- Perform application security testing covering OWASP Top 10, business logic abuse, API security, and authentication/authorisation bypass
- Execute network-layer assessments: port scanning, service enumeration, lateral movement, privilege escalation, and credential harvesting
- Conduct cloud security assessments targeting cloud platform IAM misconfiguration, S3 exposure, Lambda abuse, and cross-account pivot scenarios
- Perform phishing simulations and social engineering exercises as part of approved red team campaigns
- Produce CVSS-scored penetration test reports with executive summaries, finding narratives, proof-of-concept evidence, and prioritised remediation guidance
- Validate remediation of previously identified findings through structured retest engagements
- Collaborate with the Blue Team and SIEM/Detection Engineer to improve detection coverage based on red team TTPs
- Mentor Red Team interns: set scoped exercises, review deliverables, and provide structured technical feedback
REQUIRED SKILLS & EXPERIENCE:
- 2 to 3 years of hands-on penetration testing across web application, network, and/or cloud environments
- Proficiency in offensive tooling: web application testing tool, exploitation framework, network scanner, vulnerability scanner, AD enumeration tool, network protocol toolkit, or equivalents
- Strong understanding of OWASP Top 10, CWE classifications, and CVSS scoring
- Experience with Active Directory / Identity platform attack paths , Kerberoasting, Pass-the-Hash, Golden Ticket
- Ability to write or adapt exploit code in Python, Bash, or PowerShell
- Experience producing professional pentest reports for both technical and executive audiences
- One or more certifications: OSCP, CRTO, CPTS, CEH (Practical), or eWPT
DESIRABLE
- Cloud penetration testing experience cloud platform IAM privilege escalation and misconfig exploitation
- Familiarity with C2 frameworks: C2 framework, C2 framework, or C2 framework
- Experience with assumed breach or purple team exercises with active Blue Team collaboration
- Familiarity with TIBER-EU or threat-intelligence-led red team frameworks
- Knowledge of DORA or PCI DSS v4.0.1 as applied to security testing scope
Scan to Apply
Just scan this QR code to apply from your phone.
Job Location
Lahore Gulberg Colony, Punjab, 54660, Pakistan
Frequently asked questions about this position
Similar Jobs In Lahore Gulberg Colony, Punjab
AI Engineering Lead
The Plum Tree Group
Lahore, Punjab
Lead Software Engineer (Full Stack & AI) (Remote, Full-Time) [AS251] PK
Smart Working Solutions
Multan Khurd, Punjab
Senior Full Stack / Applied AI Engineer (Remote, Contractual), PK [AS282]
Smart Working Solutions
Faisalabad Gpo, Punjab
Senior Full Stack / Applied AI Engineer (Remote, Contractual), PK [AS282]
Smart Working Solutions
Multan Khurd, Punjab
Lead Software Engineer (Full Stack & AI) (Remote, Full-Time) [AS251] PK
Smart Working Solutions
Faisalabad Gpo, Punjab
Apply NowYour application goes straight to the hiring team
By submitting your application, you understand and agree to JobTarget's
Terms of Use and
Privacy Policy.