Pentester

Job Title: Penetration Tester

Location: Warsaw, Poland (Hybrid – 3 days per week in-office)

About the Role:

Join a cutting-edge internal penetration testing team within one of the most progressive Technology Risk environments in the industry. This role gives you direct access to source code, critical infrastructure, and complex applications, enabling you to go far beyond surface-level testing.

You’ll work collaboratively across engineering and security teams to proactively identify, exploit, and help remediate vulnerabilities in both legacy systems and cloud-native architectures. If you're a curious and technical hacker with a passion for real-world impact and secure development, this is your opportunity to push boundaries.

Key Responsibilities:

• Perform in-depth penetration testing on:

  • Internal & external web applications

  • Cloud platforms and services

  • Infrastructure and authentication systems

• Analyze systems using source code review, config analysis, reverse engineering, and fuzzing.

• Develop custom Proof of Concepts (PoCs) and chained exploits to demonstrate impact.

• Work closely with developers and platform teams to recommend security improvements.

• Actively contribute to the internal red team/pentest community by sharing insights and tools.

Requirements

• Proven experience in penetration testing across web apps, infrastructure, and cloud environments.

• Strong understanding of web security, exploit chaining, and vulnerability impact analysis.

• Skilled in code review, reverse engineering, fuzzing, and analyzing server/cloud configurations.

• Proficient with tools like Burp Suite, Wireshark, Ghidra, and netcat.

• Familiarity with at least one programming language (e.g., Java, JavaScript, Python, C++, C#).

• Solid grasp of TCP/IP networking, common protocols, and core cryptography concepts.

• Preferred: Experience with PoC exploit development, cloud security, relevant certifications (OSCP, OSEP, OSWP), and a degree in Computer Science or related field.