Penetration Tester

Project overviewA security-focused initiative aimed at performing vulnerability assessments and penetration tests for a variety of digital systems. The project supports continuous improvement of security practices and contributes to the development of internal tools and methodologies. The work includes research activities, process enhancement, and collaboration with technical teams to strengthen the overall security posture.TeamYou will join a security-oriented team that consists of penetration testers, security analysts, and engineers. The team collaborates closely, shares knowledge, and supports research and internal tool development.Position overviewWe are looking for a Middle Penetration Tester who will be involved in network and application-level security assessments. You will use automated tools and manual techniques to identify and verify security vulnerabilities. This role includes preparing assessment reports, interacting with clients to clarify scope and gather information, and contributing to the improvement of security processes and tools.Technology stackBurp Suite, Nessus, Metasploit, Nmap, sqlmap, Linux, Windows, Active Directory, JavaScript, .NET, SQL, scripting languagesResponsibilitiesConduct network and application-level security assessmentsUse automated tools and manual techniques to identify and validate vulnerabilitiesPrepare clear and comprehensive assessment reports with root cause details and remediation stepsCommunicate with clients to gather information, clarify scope, and discuss security controlsSupport internal security competence development through research, tool creation, and process improvementCollaborate with other team members across security and engineering domainsRequirementsOne year of experience performing vulnerability assessments and penetration testsThree years of experience in the IT industry with familiarity across technologies such as Linux, Windows, Active Directory, JavaScript, .NET, SQLExperience applying structured methodology for vulnerability assessments and penetration testsUnderstanding of web application vulnerabilitiesAbility to describe and report vulnerabilities along with typical remediation activitiesExperience with open source and commercial security tools, including Burp Suite, Nessus, Metasploit, Nmap, and sqlmapKnowledge of programming or scripting for creating auxiliary security toolsAbility to work effectively with customers and self-manage in challenging situationsNice to haveSecurity certifications, including OSCP, CRTO, CPTS, eWPT, BSCPStrong programming experience in a modern languageExperience with mobile application penetration testingExperience with reverse engineering and binary analysisExperience publishing technical content or speaking at industry eventsFamiliarity with security standards, including PCI DSS and ISO 27000What We Offer:Vacation days: Up to 26 business days per year.10 illness/special days off per year (fully paid, no medical papers needed) for all contract typesHealth and life insurance (Luxmed)MyBenefit platform with Multisport optionInternal psychological support serviceEnglish language classes from the first working dayAccess to external learning platforms: O’Reilly, LinkedIn Learning, Udemy, and a wide catalog of diverse internal trainingFlexible workplace: work from the office, from home, or choose a hybrid optionTech Skills Mentoring ProgramOpportunities to develop as a public speaker, mentor, or technical interviewerFully paid idle (bench) when not involved in a projectCertification reimbursement (AWS, GCP, Microsoft, etc.)