Cyber Security Consultant – Pen Testing & DevSecOps

About the role

NRG is seeking a Cyber Security Consultant to join its growing technical team. The role blends hands‑on security engineering, secure development, DevSecOps, and penetration testing, offering a fast‑paced environment for those passionate about offensive security.

Key responsibilities

• Design, develop, and maintain internal and client‑facing security tooling.
• Lead secure engineering and DevSecOps initiatives across multiple projects.
• Assist senior consultants with web application penetration testing and source‑code reviews.
• Perform security‑focused testing and produce clear, actionable reports for technical and non‑technical audiences.
• Collaborate with clients to understand their environments and deliver high‑quality consultancy engagements.

Required profile

• Curious, technically driven individual with a strong passion for cyber security.
• Background in software development, DevOps, infrastructure, or security engineering.
• Demonstrated commitment to continuous learning through labs, certifications, or community involvement.

Required skills

• Proficient in at least one programming language: Python, JavaScript, Java, C# or Go.
• Hands‑on experience or strong interest in penetration testing and offensive security.
• Understanding of web application security and modern development frameworks.
• Familiarity with CI/CD pipelines, automation tooling, Docker, Kubernetes, and infrastructure‑as‑code.
• Solid networking fundamentals and experience with Linux and Windows platforms.
• Knowledge of Microsoft 365, Entra, Defender, or other cloud security tools is a plus.
• Excellent report writing and client communication abilities.

What we offer

• Opportunity to work on diverse, technically challenging projects.
• Support for professional development and certification pursuits.
• Inclusive, equal‑opportunity workplace that values diversity and continuous learning.