Senior Security Engineer – Compliance & Penetration Testing


About the Role

We are looking for a skilled and proactive Security Engineer – Compliance & Penetration Testing with 3–4 years of hands-on experience in cybersecurity, penetration testing, and security compliance. The ideal candidate will play a key role in identifying vulnerabilities, supporting security assessments, and ensuring organizational compliance with industry security standards and best practices.

This role requires a balanced understanding of both offensive security testing and security governance/compliance frameworks, along with the ability to collaborate across technical and business teams.

Key Responsibilities

  • Perform web, API, network, and infrastructure penetration testing engagements
  • Conduct vulnerability assessments using both manual and automated testing techniques
  • Identify, validate, and document security vulnerabilities with remediation recommendations
  • Support compliance initiatives related to ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, or similar frameworks
  • Assist in internal security audits, risk assessments, and compliance reviews
  • Evaluate applications and systems against OWASP Top 10 and security best practices
  • Collaborate with development, DevOps, and infrastructure teams to improve security posture
  • Participate in secure SDLC activities and provide security recommendations during the development lifecycle
  • Create detailed technical reports, including findings, risk ratings, proofs-of-concept, and mitigation plans
  • Monitor emerging vulnerabilities, security threats, and compliance requirements
  • Support implementation and maintenance of security policies, procedures, and documentation
  • Assist in incident investigation and security monitoring activities when required

Technical Skills & Requirements

  • 3–4 years of experience in cybersecurity, penetration testing, vulnerability assessment, or security compliance
  • Strong understanding of OWASP Top 10 vulnerabilities and remediation techniques
  • Hands-on experience with security testing tools such as:
    • Burp Suite
    • Nmap
    • Nessus
    • Wireshark
    • SQLMap
    • Metasploit
    • Nikto
  • Understanding of:
    • Web application and API security
    • Network security concepts and protocols
    • Linux and Windows operating systems
    • Authentication, authorization, and session management
  • Familiarity with compliance and governance frameworks:
    • ISO 27001
    • SOC 2
    • GDPR
    • HIPAA
    • PCI-DSS
  • Basic scripting or automation knowledge in Python, Bash, or PowerShell is a plus
  • Understanding of cloud security concepts (AWS, Azure, or GCP) is preferred
  • Strong analytical, documentation, and reporting skills

Preferred Certifications

  • CEH (Certified Ethical Hacker)
  • eJPT / eCPPT
  • Security+
  • ISO 27001 Lead Implementer / Lead Auditor
  • OSCP (Plus)

Job Details

  • Position: Security Engineer – Compliance & Penetration Testing
  • Experience: 3–4 Years
  • Location: Lahore (Hybrid)
  • Department: Cyber Security & Compliance

About TEKHQS

TEKHQS is a global AI-driven technology solutions provider headquartered in Lake Forest, California, with a 300+ expert team operating across multiple countries. We specialize in SaaS, Cloud, AI/ML, Blockchain/Web3, DevOps, ERP solutions (SAP S/4HANA, Oracle NetSuite, Microsoft Dynamics 365), and enterprise technology services.

At TEKHQS, you'll work on cutting-edge global projects, collaborate with experienced professionals, and gain exposure to advanced technologies within a fast-growing international environment.