Senior Penetration Tester – Cybersecurity & Offensive Security

Technologies we use

About the project

Your responsibilities

• Lead and perform sophisticated penetration testing activities on custom mobile applications, infrastructure, web services, and APIs, including manual assessments and source code reviews.
• Document root causes and risk analyses of vulnerabilities clearly and professionally.
• Follow and improve security testing processes, raising gaps and opportunities for enhancing testing methodologies.
• Collaborate with DevOps teams to automate testing tasks and integrate security controls into CI/CD pipelines.
• Develop a deep understanding of business functionalities to tailor testing approaches to specific risks.
• Demonstrate and code proof-of-concept exploits when needed to validate vulnerabilities.
• Coordinate security testing projects, including creating test plans, cases, and reports.
• Advise on vulnerability remediation, control implementation, and secure development practices.
• Assess release risks and identify misuse scenarios based on business requirements.
• Track, remediate, and document security vulnerabilities and support risk acceptance procedures.
• Ensure compliance with security policies and regulatory standards.
• Evaluate new security testing technologies and keep abreast of industry research.
• Mentor junior team members and contribute to process improvements.

Our requirements

• At least 4 years of demonstrable experience in penetration testing, with a strong technical background.
• Solid understanding of platform security models for iOS and Android.
• Expertise in mobile application security risks, web vulnerabilities, and infrastructure assessment.
• Hands-on experience with manual and automated security testing tools and methodologies.
• Programming/scripting skills in relevant languages (e.g., Java, Kotlin, Objective C, Swift).
• Strong TCP/IP knowledge and understanding of security implications.
• Fluent in English, with excellent communication skills suitable for technical and non-technical audiences.
• Ability to work independently or lead small teams of penetration testers.

Optional

• Relevant security certifications (e.g., OSCP, CISSP).
• Experience with security testing frameworks such as OWASP MASVS and MSTG.
• Knowledge of cloud-hosted applications and services.
• Experience with secure software development lifecycle and reverse engineering.

This is how we organize our work

This is how we work

What we offer

• Stable and long-term cooperation with very good conditions
• Enhance your skills and develop your expertise in the financial industry
• Work on the most strategic projects available in the market
• Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years
• Participate in Social Events, training, and work in an international environment
• Access to attractive Medical Package
• Access to Multisport Program
• Access to Pluralsight
• Flexible hours

Benefits

#GETREADY to meet with us!

ITDS’s Whistleblower Procedure