JustJoin.IT Hybrid Mid New

Senior Penetration Tester – Cybersecurity & Offensive Security

ITDS

⚲ Krakow

18 900 - 25 200 PLN net (B2B)

Requirements

  • penetration testing
  • Web Application Security
  • Source Code Review
  • Java
  • OWASP
  • Swift
  • TCP/IP
  • Mobile Application Security
  • Infrastructure Security Assessment
  • DevOps Integration

Job description

Unleash the Future of Cybersecurity — Lead the Charge in Penetration Testing!

Krakow-based opportunity with hybrid work model (up to 3 days remote per week).

As a Senior Penetration Tester – Cybersecurity & Offensive Security, you will be working for our client, a global leader in cybersecurity research and offensive security. You will play a critical role in safeguarding financial institutions by proactively identifying vulnerabilities, testing defenses, and driving security innovation across diverse technologies. This position offers a unique chance to impact security leadership and advance your career in a forward-thinking environment.

Your main responsibilities:

  • Lead and perform sophisticated penetration testing activities on custom mobile applications, infrastructure, web services, and APIs, including manual assessments and source code reviews.
  • Document root causes and risk analyses of vulnerabilities clearly and professionally.
  • Follow and improve security testing processes, raising gaps and opportunities for enhancing testing methodologies.
  • Collaborate with DevOps teams to automate testing tasks and integrate security controls into CI/CD pipelines.
  • Develop a deep understanding of business functionalities to tailor testing approaches to specific risks.
  • Demonstrate and code proof-of-concept exploits when needed to validate vulnerabilities.
  • Coordinate security testing projects, including creating test plans, cases, and reports.
  • Advise on vulnerability remediation, control implementation, and secure development practices.
  • Assess release risks and identify misuse scenarios based on business requirements.
  • Track, remediate, and document security vulnerabilities and support risk acceptance procedures.
  • Ensure compliance with security policies and regulatory standards.
  • Evaluate new security testing technologies and keep abreast of industry research.
  • Mentor junior team members and contribute to process improvements.

You're ideal for this role if you have:

  • At least 4 years of demonstrable experience in penetration testing, with a strong technical background.
  • Solid understanding of platform security models for iOS and Android.
  • Expertise in mobile application security risks, web vulnerabilities, and infrastructure assessment.
  • Hands-on experience with manual and automated security testing tools and methodologies.
  • Programming/scripting skills in relevant languages (e.g., Java, Kotlin, Objective C, Swift).
  • Strong TCP/IP knowledge and understanding of security implications.
  • Fluent in English, with excellent communication skills suitable for technical and non-technical audiences.
  • Ability to work independently or lead small teams of penetration testers.

It is a strong plus if you have:

  • Relevant security certifications (e.g., OSCP, CISSP).
  • Experience with security testing frameworks such as OWASP MASVS and MSTG.
  • Knowledge of cloud-hosted applications and services.
  • Experience with secure software development lifecycle and reverse engineering.

Language Required for the role:

  • Fluent in English.

Eligibility to work on this role:

  • Only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTER

Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.