Senior Penetration Tester

Unleash the Future of Cybersecurity — Lead the Charge in Penetration Testing!

Krakow-based opportunity with hybrid work model (up to 3 days remote per week).

As a Senior Penetration Tester – Cybersecurity & Offensive Security, you will be working for our client, a global leader in cybersecurity research and offensive security. You will play a critical role in safeguarding financial institutions by proactively identifying vulnerabilities, testing defenses, and driving security innovation across diverse technologies. This position offers a unique chance to impact security leadership and advance your career in a forward-thinking environment.

Your main responsibilities:

• Lead and perform sophisticated penetration testing activities on custom mobile applications, infrastructure, web services, and APIs, including manual assessments and source code reviews.

• Document root causes and risk analyses of vulnerabilities clearly and professionally.

• Follow and improve security testing processes, raising gaps and opportunities for enhancing testing methodologies.

• Collaborate with DevOps teams to automate testing tasks and integrate security controls into CI/CD pipelines.

• Develop a deep understanding of business functionalities to tailor testing approaches to specific risks.

• Demonstrate and code proof-of-concept exploits when needed to validate vulnerabilities.

• Coordinate security testing projects, including creating test plans, cases, and reports.

• Advise on vulnerability remediation, control implementation, and secure development practices.

• Assess release risks and identify misuse scenarios based on business requirements.

• Track, remediate, and document security vulnerabilities and support risk acceptance procedures.

• Ensure compliance with security policies and regulatory standards.

• Evaluate new security testing technologies and keep abreast of industry research.

• Mentor junior team members and contribute to process improvements.

You're ideal for this role if you have:

• At least 4 years of demonstrable experience in penetration testing, with a strong technical background.

• Solid understanding of platform security models for iOS and Android.

• Expertise in mobile application security risks, web vulnerabilities, and infrastructure assessment.

• Hands-on experience with manual and automated security testing tools and methodologies.

• Programming/scripting skills in relevant languages (e.g., Java, Kotlin, Objective C, Swift).

• Strong TCP/IP knowledge and understanding of security implications.

• Fluent in English, with excellent communication skills suitable for technical and non-technical audiences.

• Ability to work independently or lead small teams of penetration testers.

It is a strong plus if you have:

• Relevant security certifications (e.g., OSCP, CISSP).

• Experience with security testing frameworks such as OWASP MASVS and MSTG.

• Knowledge of cloud-hosted applications and services.

• Experience with secure software development lifecycle and reverse engineering.

Language Required for the role:

• Fluent in English.

Eligibility to work on this role:

• Only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTERInterested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.

We offer you 

At ITDS, you will work on innovative and impactful technology projects for international companies across multiple industries in Europe and beyond. We create an environment for ambitious, driven professionals who want to grow, deliver value, and build their careers in modern IT and digital transformation. 

Our offer includes: 

• Stable and long-term cooperation with attractive conditions 

• Opportunities to develop your technical expertise across various industries and technologies 

• The chance to work on high-impact, strategic IT and digital transformation projects 

• A clear career path and the opportunity to grow quickly by contributing to diverse client initiatives over time 

• International environment, knowledge sharing, social events, and training opportunities 

• Access to an attractive medical package 

• Access to the Multisport program 

• Access to learning platforms such as Pluralsight 

• Flexible working hours and remote work options