Unleash the Future of Cybersecurity — Lead the Charge in Penetration Testing!
Krakow-based opportunity with hybrid work model (up to 3 days remote per week).
As a Senior Penetration Tester – Cybersecurity & Offensive Security, you will be working for our client, a global leader in cybersecurity research and offensive security. You will play a critical role in safeguarding financial institutions by proactively identifying vulnerabilities, testing defenses, and driving security innovation across diverse technologies. This position offers a unique chance to impact security leadership and advance your career in a forward-thinking environment.
Your main responsibilities:
- Lead and perform sophisticated penetration testing activities on custom mobile applications, infrastructure, web services, and APIs, including manual assessments and source code reviews.
- Document root causes and risk analyses of vulnerabilities clearly and professionally.
- Follow and improve security testing processes, raising gaps and opportunities for enhancing testing methodologies.
- Collaborate with DevOps teams to automate testing tasks and integrate security controls into CI/CD pipelines.
- Develop a deep understanding of business functionalities to tailor testing approaches to specific risks.
- Demonstrate and code proof-of-concept exploits when needed to validate vulnerabilities.
- Coordinate security testing projects, including creating test plans, cases, and reports.
- Advise on vulnerability remediation, control implementation, and secure development practices.
- Assess release risks and identify misuse scenarios based on business requirements.
- Track, remediate, and document security vulnerabilities and support risk acceptance procedures.
- Ensure compliance with security policies and regulatory standards.
- Evaluate new security testing technologies and keep abreast of industry research.
- Mentor junior team members and contribute to process improvements.
You're ideal for this role if you have:
- At least 4 years of demonstrable experience in penetration testing, with a strong technical background.
- Solid understanding of platform security models for iOS and Android.
- Expertise in mobile application security risks, web vulnerabilities, and infrastructure assessment.
- Hands-on experience with manual and automated security testing tools and methodologies.
- Programming/scripting skills in relevant languages (e.g., Java, Kotlin, Objective-C, Swift).
- Strong TCP/IP knowledge and understanding of security implications.
- Fluency in English, with excellent communication skills suitable for technical and non-technical audiences.
- Ability to work independently or lead small teams of penetration testers.
It is a strong plus if you have:
- Relevant security certifications (e.g., OSCP, CISSP).
- Experience with security testing frameworks such as OWASP MASVS and MSTG.
- Knowledge of cloud-hosted applications and services.
- Experience with secure software development lifecycle and reverse engineering.
Language Required for the role:
Eligibility to work in this role:
- Only candidates with an existing legal right to work in the European Union will be considered for this role.
Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.