Senior Penetration Testing Engineer

Penetration Tester & Security Infrastructure Engineer

We're looking for someone who can both break things and keep them running. This role sits at the intersection of offensive security and infrastructure engineering — you'll run penetration tests, maintain the lab environments that power them, and help us continuously improve how we find and fix vulnerabilities across one of the world's leading international banks.

What you'll do

Offensive testing — Run penetration tests, develop PoCs, and validate vulnerabilities across systems and networks

Infrastructure & lab — Build and maintain testing environments, servers, scanning engines, and supporting platforms

Automation & tooling — Write scripts, improve internal tooling, and integrate testing tools with CI/CD and reporting systems

Governance & reporting — Document findings clearly, support audits, and communicate risk to technical and non-technical stakeholders

What we're looking for

• Hands-on lab experience — Built and managed testing environments from scratch, not just used them

• Scripting ability — Python, Bash, or PowerShell — you write scripts, not just run them

• Security tooling — Comfortable with Burp Suite, Metasploit, Nessus/Tenable, Cobalt Strike, or similar

• Windows & Linux — Solid administration skills on both platforms

• Regulated environment — Experience in financial services or another regulated industry is a strong plus

Nice to have

OSCP · CRTO · CEH · GPEN / GWAPT · Cloud certifications · VMware / Proxmox · BloodHound / Mimikatz · CI/CD integration

One thing worth knowing

This role isn't just about hacking. Around 40% of your time will be infrastructure, documentation, process improvement, and supporting audits. If that sounds like a grind, this probably isn't the right fit. If it sounds like the part that keeps everything else working — we should talk.