Senior Penetration Tester

About NTT DATA

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now! At NTT DATA we know that with the right people on board, anything is possible. The quality, integrity, and commitment of our employees have been key factors in our company’s growth and market presence. By hiring the best people and helping them grow both professionally and personally, we ensure a bright future for NTT DATA Services and for the people who work here.

NTT DATA Inc is expanding its internal cybersecurity capabilities and is seeking a Senior Penetration Tester to join the Office of Information Security that forms part of our Global Functions team. Based in Romania, this role is part of the Attack & Hunt team, which is responsible for proactively identifying vulnerabilities, simulating real-world attack scenarios, and supporting threat detection and response efforts. The Senior Penetration Tester will play a key role in strengthening the organization’s internal security posture by leveraging advanced tools, techniques, and methodologies to assess and improve the resilience of enterprise systems and infrastructure.

Job Responsibilities

• Perform network penetration, web application testing, source code reviews, threat analysis, and social-engineering assessments.
• Develop scripts, tools, or methodologies to enhance NTT DATA, Inc’s Purple Team and Security Operations capabilities.
• Monitor available open source intelligence feeds for any NTT DATA related information.
• Develop detailed threat models.
• Thoroughly document techniques, tactics and proofs of concept used during security testing and red team exercises.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.

Basic Qualifications

• 5+ years in penetration testing across web apps, APIs, containers, networks, OS, databases, and cloud platforms.
• Strong experience in technical writing and producing detailed security reports.
• Deep understanding of offensive security operations and secure development practices.
• Familiar with OWASP Top 10, NIST, CIS, MITRE ATT&CK, and threat actor methodologies.
• Skilled in scripting languages: Python, PowerShell, Ruby, Bash.
• Advanced exploit development and evasion techniques.
• Proficient in tools: Kali, Metasploit, Nessus, Nuclei, Nmap, Burp Suite, PowerSploit, Impacket.
• Flexible, analytical, and adaptable; degree or certifications (OSCP, OSEP, etc.) preferred but not required.

Preferred Skills

• Proven ability to work independently and manage multiple remote projects.
• Strong collaboration and stakeholder engagement skills.
• Creative thinker with a passion for innovation and continuous learning.
• Skilled in post-compromise techniques and lateral movement.
• Deep understanding of security frameworks: OWASP, PTES, NIST SP 800-115.
• Proficient in Metasploit, Burp Suite, Nmap, Wireshark.
• Solid knowledge of OS, network protocols, and application security.
• Experienced in assessing web apps, databases, and infrastructure.
• Excellent analytical, reporting, and communication skills.
• Committed to ethical conduct, confidentiality, and data privacy.

Key skills/competency

• Penetration Testing
• Vulnerability Assessment
• Offensive Security
• Web Application Security
• Network Security
• Exploit Development
• Scripting (Python, PowerShell)
• Threat Modeling
• Security Operations
• Reporting & Documentation