Penetration Testing Team Leader

The Penetration Testing Team Leader is responsible for leading ZainTECH’s licensed penetration testing capability within the Cybersecurity Advisory Services practice. The role oversees the delivery of offensive security engagements across enterprise, government, and critical infrastructure customers throughout the MENA region, ensuring all testing activities are performed in accordance with industry best practices, recognized testing methodologies, and NCSC Jordan licensing requirements. The role combines hands-on technical leadership with team management, customer engagement, and service governance responsibilities.

Also responsible for managing penetration testing engagements, developing offensive security capabilities, assuring quality of deliverables, and strengthening customer security postures through actionable remediation guidance.

Responsibilities:

Penetration Testing Engagement Leadership 

• Lead and manage penetration testing engagements across infrastructure, web, wireless and applications to a recognized methodology.  
• Define engagement scope, objectives, testing methodology, and rules of engagement. 
• Ensure all testing activities are conducted safely and within approved customer authorizations. 
• Manage engagement timelines, resources, and delivery quality. 
• Act as the primary technical lead throughout the penetration testing lifecycle. 

Offensive Security Delivery 

• Perform advanced penetration testing activities using both manual and automated testing techniques. 
• Identify, validate, and demonstrate security vulnerabilities and attack paths. 
• Assess exploitability, business impact, and risk exposure associated with identified findings. 
• Conduct Vulnerability assessments, Penetration testing, Security validation exercises, Configuration reviews and Red Team-style activities where applicable 
• Support retesting activities following remediation efforts. 

Quality Assurance & Technical Review

• Review and validate penetration testing findings prior to customer delivery. 
• Ensure reports are Technically accurate, Risk-rated appropriately, Actionable and business-focused and Aligned with industry standards 
• Review attack chains and exploitation methodologies to ensure consistency and quality. 
• Maintain testing methodologies aligned with OWASP Testing Guide, PTES, OSSTMM, NIST guidance and Industry best practices 

Customer Engagement & Advisory Services

• Present technical findings and executive summaries to customer stakeholders. 
• Conduct remediation workshops and technical review sessions. 
• Support customers in understanding Security risks, Threat exposure and Recommended remediation activities
• Provide strategic guidance on improving overall security posture. 
• Support presales activities, customer workshops, and cybersecurity assessments where required. 

Team Leadership & Capability Development 

• Lead, mentor, and develop penetration testers within the Cybersecurity Practice. 
• Conduct Technical coaching, Skills development programs, Knowledge-sharing sessions and Offensive security training initiatives 
• Support recruitment, onboarding, and capability development activities. 
• Ensure team certifications remain current and aligned with NCSC requirements. 
• Drive continuous improvement across offensive security methodologies and tooling. 

Governance, Compliance & Service Development 

• Ensure compliance with NCSC Jordan licensing requirements, Internal security policies, Customer contractual obligations and Regulatory requirements 
• Enforce secure testing practices, confidentiality requirements, and evidence handling procedures. 
• Support service development initiatives to expand ZainTECH’s offensive security capabilities. 
• Maintain operational documentation, testing standards, and quality assurance processes. 
• Coordinate reporting and compliance activities required by NCSC and other regulatory stakeholders. 

Our Culture & Code of Conduct:

At ZainTECH, we take pride in a culture built on collaboration, innovation, and uncompromising integrity. We are looking for individuals who share these values and are committed to customer-centricity and ethical excellence. All employees are expected to uphold our Code of Conduct, which serves as a guiding framework for responsible behavior across everything we do — from how we work with each other to how we engage with clients and partners globally.

Requirements

• Bachelor's degree (minimum) in information technology or a related field. 
• Minimum 5 years experience in cybersecurity, including at least 5 completed penetration testing projects. 
• At least one valid NCSC-approved penetration testing certification like (CPENT, CEPT, OSCE, LPT, CPT, GPEN), or another internationally recognized, equivalent certification in the same field that is approved by the NCSC and published on its official website.. 
• Deep, hands-on offensive skills across network, web, wireless, and application testing, and command of recognized methodologies (OWASP, PTES, OSSTMM). 
• Leadership. Proven ability to lead a testing team and present to client executives. 
• Advanced degree in cybersecurity or a related discipline is preferable. 
• Advanced credentials such as OSCE, CPENT, LPT, or GPEN is preferable. 
• Experience in red teaming or an MSSP/consultancy offensive practice is preferable.