Senior Penetration Tester – Cybersecurity & Offensive Security

Unleash the Future of Cybersecurity — Lead the Charge in Penetration Testing!

Krakow-based opportunity with hybrid work model (up to 3 days remote per week).

As a Senior Penetration Tester – Cybersecurity & Offensive Security, you will be working for our client, a global leader in cybersecurity research and offensive security. You will play a critical role in safeguarding financial institutions by proactively identifying vulnerabilities, testing defenses, and driving security innovation across diverse technologies. This position offers a unique chance to impact security leadership and advance your career in a forward-thinking environment.

Your main responsibilities:

• Lead and perform sophisticated penetration testing activities on custom mobile applications, infrastructure, web services, and APIs, including manual assessments and source code reviews.
• Document root causes and risk analyses of vulnerabilities clearly and professionally.
• Follow and improve security testing processes, raising gaps and opportunities for enhancing testing methodologies.
• Collaborate with DevOps teams to automate testing tasks and integrate security controls into CI/CD pipelines.
• Develop a deep understanding of business functionalities to tailor testing approaches to specific risks.
• Demonstrate and code proof-of-concept exploits when needed to validate vulnerabilities.
• Coordinate security testing projects, including creating test plans, cases, and reports.
• Advise on vulnerability remediation, control implementation, and secure development practices.
• Assess release risks and identify misuse scenarios based on business requirements.
• Track, remediate, and document security vulnerabilities and support risk acceptance procedures.
• Ensure compliance with security policies and regulatory standards.
• Evaluate new security testing technologies and keep abreast of industry research.
• Mentor junior team members and contribute to process improvements.

You're ideal for this role if you have:

• At least 4 years of demonstrable experience in penetration testing, with a strong technical background.
• Solid understanding of platform security models for iOS and Android.
• Expertise in mobile application security risks, web vulnerabilities, and infrastructure assessment.
• Hands-on experience with manual and automated security testing tools and methodologies.
• Programming/scripting skills in relevant languages (e.g., Java, Kotlin, Objective C, Swift).
• Strong TCP/IP knowledge and understanding of security implications.
• Fluent in English, with excellent communication skills suitable for technical and non-technical audiences.
• Ability to work independently or lead small teams of penetration testers.

It is a strong plus if you have:

• Relevant security certifications (e.g., OSCP, CISSP).
• Experience with security testing frameworks such as OWASP MASVS and MSTG.
• Knowledge of cloud-hosted applications and services.
• Experience with secure software development lifecycle and reverse engineering.

Language Required for the role:

• Fluent in English.

Eligibility to work on this role:

• Only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTER
Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.