All offersGdańskSecurityPenetration Tester
Penetration Tester
Security
1dea

Penetration Tester

1dea
Gdańsk
Type of work
Full-time
Experience
Mid
Employment Type
B2B
Operating mode
Remote

Tech stack

    Python
    advanced
    Burp Suite
    advanced
    SIEM
    advanced
    OWASP ZAP
    advanced

Job description

Online interview

For one of our key Clients we're looking for an expert specialist for the position of:

Senior Automation Tester (Python + Security)

 


Terms of engagement:

 

Area: Consulting IT (project for transportation area)

Localisation: 100% remote

Start: ASAP (max 3 months notice period)

Salary rate (determined individually): 120 - 135 PLN net + VAT / h

Terms: B2B (outsourcing via 1dea), full-time, long-term

 


Recruitment process (100% remotely):

  • Phone "hello" interview with 1dea recruitment consultant (~10 min)
  • Technical and business conversation with our Client (approx. 1 hour)
  • Decision to cooperate



Scope of duties:

  • Understand Security Needs: Collaborate with architects and product owners to define security requirements and limitations.
  • Craft Security Tests: Design test scripts using security tools (Burp Suite, OWASP ZAP) to comprehensively cover all security aspects.
  • Build Security Frameworks: Develop, implement, and document reusable security testing frameworks for efficient testing.
  • Execute Security Testing: Conduct various tests (vulnerability assessments, threat modeling) for both on-premise and cloud environments using chosen tools and methodologies.
  • Report & Mitigate Risks: Identify, document, analyze vulnerabilities, threats, and risks; recommend solutions; monitor security trends and report findings to stakeholders.


 

Requirements:

Experience:

  • Minimum 3 years of hands-on experience applying security testing practices.
  • Proven track record in securing backend, API, and web service applications.

Technical Skills:

  • Strong understanding of security testing tools (Burp Suite, OWASP ZAP, etc.).
  • Ability to automate security testing using scripting languages (Python preferred).
  • Expertise in security analysis and designing effective security tests.
  • Experience with security monitoring and diagnostic tools (SIEM systems).
  • Security-focused knowledge of messaging protocols and API technologies.
  • Proficiency in Unix/Linux with a focus on secure configurations and best practices.
  • Practical experience with automated testing frameworks (Selenium WebDriver, Cypress, Playwright).
  • Working knowledge of SQL and relational databases from a security perspective.

Certifications & Methodologies:

  • Industry-recognized security certification (ISTQB Security Tester, CompTIA Security+, etc.).
  • Solid grasp of networking technologies including encryption, load balancing, and firewalls.
  • Experience following established security testing methodologies and processes.

Reporting & Integration:

  • Proven ability to create comprehensive security test reports with actionable findings and recommendations.
  • Familiarity with DevSecOps tools (Bitbucket, Jenkins, GitLab) for integrating security testing into the CI/CD pipeline.




We offer:

  • A transparent model of long-term cooperation (B2B contract for an indefinite period)
  • Stable and safe involvement in a company with a solid market position
  • Modern equipment provided by the company, along with software and configuration
  • Flexible working hours
  • Possibility to work remotely 100% of the time
  • Professional advice and career support by a team of experienced specialists
  • A mature and sustainable design ecosystem
  • Good atmosphere in the team - values such as camaraderie, openness, respect, mutual help and support in development are important to us
  • We try to work in the spirit of Agile, which we understand as: continuous improvement, effective cooperation and the use of an empirical approach during the development of manufactured products
  • We support a culture of creativity - each team member has the opportunity to propose their own ideas or solutions - you will always be listened to and your suggestions will be taken into account