Join the client’s internal team of highly skilled pentesters working on some of the most critical systems in the organization. In this role, you will conduct penetration testing across a wide range of applications, including web platforms, infrastructure, and cloud, often with direct access to source code for faster validation of findings.

You will be part of one of the most innovative Technology Risk teams in the industry, where risk management is approached as a business enabler rather than just a security function. You will work closely with the client’s technology teams on both in-house projects and external cloud integrations, ensuring secure products and solutions are delivered.

Key Responsibilities:

• Perform penetration tests on web applications, cloud-based systems, and infrastructure platforms (e.g., banking websites, payment applications, authentication systems, core internal frameworks, critical infrastructure).
• Identify and report impactful vulnerabilities, clearly demonstrating potential exploitation paths.
• Review source code, server configurations, and cloud environments to uncover security weaknesses.
• Conduct reverse engineering and fuzzing where applicable.
• Collaborate with the client’s development and infrastructure teams to recommend remediation measures and systematic improvements.

Required Skills & Experience:

• Proven experience in penetration testing across web, infrastructure, and cloud environments.
• Strong understanding of web security concepts, exploit chain creation, and communicating the real-world impact of vulnerabilities.
• Hands-on experience with code review, server/cloud configuration analysis, reverse engineering, and fuzzing.
• Proficiency with common security tools (Burp Suite, Wireshark, Ghidra, netcat).
• Familiarity with at least one programming language (Java, JavaScript, Python, C++, C#).
• Strong understanding of TCP/IP stack and network protocols.
• High-level knowledge of cryptography concepts.

Preferred Qualifications:

• Experience creating or adapting proof-of-concept exploits.
• Knowledge of widely used cloud products and solutions.
• Bachelor’s degree in Computer Science, Cybersecurity, or related field.
• Experience or training in related areas such as network security, IT administration, cloud security, and infrastructure penetration testing.
• Relevant certifications such as OSCP, OSEP, OSWP (or equivalent knowledge).

Why Join?

• Work on high-impact projects safeguarding the client’s critical systems.
• Collaborate with top-tier professionals within the client’s Technology Risk team.
• Gain exposure to a variety of technologies, from in-house systems to modern cloud platforms.

If you want to make a real impact on the security of mission-critical systems, we’d like to hear from you.