[Hiring] Senior Network Security Architect & Penetration Tester @Tekhqs

About the Role

We are seeking a rare hybrid talent: a Senior Network Security Engineer with strong Blue Team discipline to architect and secure complex on-prem infrastructure, combined with the Red Team mindset to actively test and exploit it.

In this role, you will serve as the primary architect of our physical and virtual network environments while leading internal penetration testing initiatives. This is not a checklist-driven security role — you will proactively hunt vulnerabilities across every layer of the infrastructure.

Key Responsibilities

Infrastructure Architecture (Build)

Core Networking

• Design, implement, and maintain high-availability enterprise networks

• Configure and manage L2/L3 switches and routers (Cisco, Juniper, Arista)

• Implement BGP, OSPF, MPLS, trunking, and port security

Virtualization & Data Center

• Manage VMware vSphere environment (ESXi, vCenter)

• Administer NSX and vMotion

• Harden ESXi hypervisors and secure VM propagation

Network Hardening

• Implement ACLs and VLAN segmentation

• Configure VPN tunnels (IPsec/SSL)

• Enforce Zero Trust architecture within on-prem environments

• Manage enterprise firewalls (Palo Alto, Fortinet)

Offensive Security (Break)

Penetration Testing

• Conduct authorized internal penetration tests

• Assess internal networks, wireless segments, and edge devices

• Simulate real-world attack scenarios

Vulnerability Management

• Perform vulnerability discovery using tools such as:

  • Kali Linux

  • Nessus / OpenVAS

  • Metasploit

  • Burp Suite Professional

  • Nmap

  • Wireshark

• Drive full vulnerability lifecycle: discovery exploitation remediation

Full-Stack Security Auditing

• Analyze and secure all OSI layers

• Mitigate Layer 2 threats (MAC spoofing, STP attacks)

• Defend against Layer 7 threats (SQL injection, XSS)

• Prevent MitM attacks, privilege escalation, and lateral movement

Technical Skills Required

Networking

• BGP, OSPF, MPLS

• VLANs, ACLs, Port Security

• Enterprise Firewalling

Virtualization

• VMware vCenter

• NSX

• ESXi Hardening

Offensive Security Tools

• Kali Linux

• Metasploit Framework

• Burp Suite Professional

• Nmap

• Wireshark

Scripting & Automation

• Python

• Bash

• PowerShell

Qualifications & Experience

• 7+ years of experience in Network Engineering

• Minimum 3 years in Offensive Security / Penetration Testing

• Strong hands-on data center and bare metal infrastructure experience

Preferred Certifications

Offensive Security

• OSCP

• OSCE

• GPEN

Infrastructure

• CCNP / CCIE (Security)

• VCP (VMware Certified Professional)

The Ideal Candidate (Unicorn Profile)

• Thinks like an adversary

• Can architect secure enterprise networks

• Comfortable in both data center and terminal environments

• Able to configure BGP in the morning and execute internal pivot/exploit testing in the afternoon

Job Details

• Location: Lahore/Islamabad/Karachi (Remote)
• Experience: 5+ Years
• Department: Network Secruity & Penetration Tester

About Us:

TEKHQS is a global technology solutions provider headquartered in Lake Forest, California, with a 300+ expert team in Pakistan. We specialize in ERP (SAP S/4HANA, Oracle NetSuite, Microsoft Dynamics 365), AI/ML, Blockchain, Cloud, and Staff Augmentation services. Join us to drive business growth and work on cutting-edge global IT projects with hands-on mentorship and a clear career path.