Pentester
HTD Polska Sp. z o.o.


Type of work
Employment Type
B2B, Permanent
Operating mode

Tech stack

    IT Security
    Burp Suite
    Network Security
    Web Application Security
    Mobile apps security
    nice to have

Job description

We are HTD Health – a fast-growing development shop on a mission to build software that will solve meaningful problems in healthcare. We help ideate, design, build, grow, and scale with digital health startups, clinics large and small, medical device consulting firms, and other non-healthcare entrepreneurs. 


Currently, we have an excellent opportunity for an ambitious Pentester to join our growing HTD Health team!

What we need from you:

  • At least 2 years of commercial experience in a similar position;
  • Communicative level of English – you feel okay with speaking about technical things in English;
  • Developed interpersonal skills;
  • Ability to communicate thoughts logically and coherently;
  • Proactivity and willingness to constantly develop and improve processes;
  • Reliability, creativity, and independence;

Key responsibilities:

  • Conduct Penetration Testing: 

Perform comprehensive penetration tests across various projects, identifying vulnerabilities in both web and mobile applications. While expertise in web application testing is a must, experience in mobile app testing would be highly advantageous.

  • Report Creation and Analysis:

Develop detailed reports outlining discovered vulnerabilities, along with recommended fixes. These reports should serve as a guide for development teams to address and mitigate security weaknesses effectively.

  • Strategic Development and Improvement:

Take the initiative to elevate and enhance our existing penetration testing processes. This includes creating and defining strategic approaches to penetration testing that build upon our current methodology, ensuring our practices remain at the forefront of the industry.

  • Support and Collaboration:

Provide timely and expert security advice to both internal teams and clients on an ad-hoc basis. This involves close collaboration with development teams to address specific security concerns and working with clients to tailor documentation and recommendations according to best practices.

  • Presentation and Education:

Effectively communicate the outcomes of penetration tests to clients and internal stakeholders. This includes presenting detailed reports and explaining our penetration testing process in a manner that is accessible and informative.

  • Continuous Testing and Feedback:

Regularly conduct penetration tests across different projects, offering actionable feedback and recommendations to improve security postures. This continuous cycle of testing and feedback is crucial for maintaining high security standards across all projects.

  • Cross-Project Involvement:

Engage in diverse projects, contributing to a broad spectrum of cybersecurity challenges. Your role will necessitate flexibility and adaptability, ensuring security measures are consistently applied and optimized across various development environments.

  • Security Awareness Training:

Participate in the development and delivery of security awareness training for employees. This could involve creating training materials, conducting workshops, or presenting at team meetings to educate staff on security best practices and the importance of cybersecurity.

  • Incident Response Support:

Assist the incident response team in the event of a security breach or attack. This includes helping to identify the source of the breach, assessing the extent of the damage, and recommending remediation steps.

  • Compliance and Regulatory Understanding:

Stay informed about relevant security standards, compliance requirements, and regulatory frameworks. Apply this knowledge during penetration tests to ensure not only the security but also the compliance of applications and systems.

  • HIPAA Compliance Testing:

Ensure all penetration testing activities are in strict adherence to the Health Insurance Portability and Accountability Act (HIPAA) regulations. Evaluate the security and privacy of systems handling protected health information (PHI) to prevent unauthorized access or breaches, thereby safeguarding patient data and maintaining regulatory compliance.

Nice to have

  • Ethical Hacking Certifications
  • Experience in Health Tech
  • Experience in mobile app pentesting

What you can expect from us:

  • Salary depending on your skills and experience: 

      - PLN 9 000 - 16 200 + VAT on a B2B contract 

      - PLN 7 500 - 13 500 gross on employment contract

  • 25 paid days off (B2B);
  • Flexible working hours; 
  • Possibility of working 100% remotely (you can be based anywhere);
  • Personal educational budget: conferences, courses, workshops, and more;
  • Individual career path and continuous evaluation of your development;
  • Private medical care;
  • Multisport Plus member card or cinema tickets;
  • All necessary equipment such as MacBook PRO, additional monitor and accessories;
  • Work with the best tools available. We provide licences for IDEs and code editors;
  • A+ office that includes coworking space with spots where you can crash with your laptop, open kitchen, standing desks, teleconference equipment, etc.;
  • Participation in innovative and challenging projects for clients around the world.