Penetration Tester

Warsaw-based opportunity with hybrid model (3 days x week in the office).

As a Penetration Tester, you will be working for our client, a leading global financial institution known for delivering a wide range of innovative financial services across capital markets, risk management, and digital platforms. In this role, you will be part of an elite internal penetration testing team assessing critical systems, applications, and cloud infrastructures. The client is focused on secure software development, operational resilience, and proactive risk mitigation.You will test high-value systems, access source code, and work directly with engineers to implement secure solutions across global environments.

Your main responsibilities:

• Perform penetration tests on internal web applications, cloud environments, and infrastructure

• Identify and report vulnerabilities with clear technical and business impact

• Analyse source code, configurations, and systems to support deep security assessments

• Develop proof-of-concept exploits or demonstrate real-world attack vectors

• Collaborate with engineers to recommend fixes and propose systemic improvements

• Document findings in structured reports for technical and non-technical audiences

• Participate in red team exercises and threat simulation scenarios

• Review server, network, and cloud configurations for weaknesses

• Share knowledge and techniques with peers in the internal security community

• Contribute to the continuous evolution of internal testing tools and frameworks

You're ideal for this role if you have:

• Proven experience in penetration testing across web applications, cloud, and infrastructure

• Strong understanding of web security principles and ability to build exploit chains

• Proficiency in analysing systems via source code review and reverse engineering

• Familiarity with tools such as Burp Suite, Wireshark, netcat, and Ghidra

• Knowledge of one or more programming languages like Java, Python, JavaScript, or C++

• Solid understanding of the TCP/IP stack and common network protocols

• High-level knowledge of cryptographic concepts and their implementation risks

• Experience developing or customizing proof-of-concept exploits

• Awareness of security concerns in cloud-native architectures

Preferred Qualifications:

• Experience in adopting or crafting custom proof of concept exploits

• Knowledge of common cloud products and solutions

• Bachelor of Science in Computer Science, Cyber-Security, or Information Security is preferred

• Experience or trainings in related disciplines such as computer security, network security, network device management, IT administration, cloud security, or infrastructure pentesting is preferred

• Certificates (or equivalent knowledge) such as OSCP, OSEP, OSWP

We offer you:

ITDS Business Consultants is involved in many various, innovative and professional IT projects for international companies in the financial industry in Europe. We offer an environment for professional, ambitious, and driven people. The offer includes:

• Stable and long-term cooperation with very good conditions.

• Enhance your skills and develop your expertise in various industries.

• Work on the most strategic projects available in the market.

• Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years.

• Participate in Social Events, training, and work in an international environment.

• Access to attractive Medical Package.

• Access to Multisport Program.

• Access to Pluralsight.

• Flexible hours & remote work.

You can report violations in accordance with ITDS’s Whistleblower Procedure available here.

Ref. number 7217