Senior Pentester/ Security Engineer

We are looking for a Senior Pentester (Security Engineer) to be a part of the DEVTALENTS team and contribute to the development of truly amazing solutions for businesses all over the world.

Joining DEVTALENTS can be a life-changing decision for you, with endless benefits along the way. We provide top projects for which recruitment is not possible externally because of our wide range of partners. We value open and transparent communication, leveraging tools like Slack and generative AI to enhance collaboration and efficiency. We support continuous growth, encouraging you to step beyond your comfort zone and develop technically and personally. We are looking for an experienced Senior Pentester (Security Engineer) to join our team and provide technical leadership and mentorship.

Your responsibilities

• Conduct in-depth penetration tests (white-box and black-box) on both internal and customer-facing applications, services, and infrastructure.
• Oversee, prioritize, and analyze bug bounty submissions, as well as findings from external penetration tests.
• Perform variant analysis on disclosed vulnerabilities across multiple platforms and frameworks.
• Investigate and review third-party solutions to ensure they meet our security standards.
• Create and refine tools for reconnaissance, process automation, and ongoing metrics and performance tracking.
• Offer expert advice to engineering and security operations teams, providing clear remediation strategies and deeper insight into identified issues.
• Promote offensive security principles by hosting demos, workshops, and training sessions, building a stronger security-minded culture.
• Evaluate our technology stack through the most effective methods available, adapting your approach as the environment evolves.
• Determine priorities and focus areas to maximize value and impact.
• Contribute significantly to the ongoing development and maturity of our security program.

Our requirements

• Proven track record in penetration testing, vulnerability assessment, and other technical security evaluations.
• Strong ability to find, understand, and articulate security flaws in code, particularly in Java and Node.js environments.
• Hands-on experience with cloud infrastructures, especially AWS, and familiarity with modern microservice-oriented architectures.
• Exceptional communication skills, capable of clearly conveying findings and suggesting pragmatic, targeted improvements rather than merely reporting issues.
• Comfortable scripting in Python and contributing to more extensive security tooling or automation projects.
• Self-driven, with the initiative to spearhead projects that strengthen the broader security culture and foundations.
• Hold one or more reputable industry certifications (e.g., OSCP, OSWE, CREST, GIAC, AWS certifications).
• Active participant in CTFs and the broader cybersecurity community, staying current on emerging threats and best practices.
• Higher education with a profile in Computer Science or related
• English level min. B2.