We are seeking a highly motivated and technically proficient Senior Penetration Tester to join our security research division. This role is dedicated to performing advanced offensive security assessments against the biggest companies in the world
You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems
What youll do:
Lead and execute comprehensive, technically rigorous penetration tests targeting complex web applications, modern API architectures, and enterprise systems for organizations with significant global presence.
Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints, development of novel bypass techniques for established security controls, and lateral movement within target environments.
Contribute substantively to the design, development, and maintenance of proprietary internal security tools and automation frameworks to enhance the efficacy and efficiency of offensive operations.
You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems
What youll do:
Lead and execute comprehensive, technically rigorous penetration tests targeting complex web applications, modern API architectures, and enterprise systems for organizations with significant global presence.
Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints, development of novel bypass techniques for established security controls, and lateral movement within target environments.
Contribute substantively to the design, development, and maintenance of proprietary internal security tools and automation frameworks to enhance the efficacy and efficiency of offensive operations.
Requirements:
Minimum of 3 years of proven, hands-on experience in application security analysis, with a heavy emphasis on complex API penetration testing and a mastery of the OWASP Top 10 landscape.
Proficiency in developing and automating tasks using at least one language like Python, JavaScript, or GoLang.
Strong experience with static and dynamic analysis of Android and iOS applications, including hands-on experience with techniques like detours, hooking, and runtime code manipulation
Deep, hands-on knowledge of the latest tactics, techniques, and procedures (TTPs) used in advanced penetration testing and network analysis.
Ability to author comprehensive and technically rigorous reports detailing identified vulnerabilities and research outcomes.
Hands-on experience with industry-standard reversing tools like JADX, Ghidra, or IDA Pro.
Nice to have:
OSCP, OSWE, eWPTXv2, CRTP, or other high-level offensive certifications.
Demonstrated online achievements, write-ups, or contributions on platforms such as HackTheBox, Pwn2Own, TryHackMe, Bug Bounty programs, or published security research.
Minimum of 3 years of proven, hands-on experience in application security analysis, with a heavy emphasis on complex API penetration testing and a mastery of the OWASP Top 10 landscape.
Proficiency in developing and automating tasks using at least one language like Python, JavaScript, or GoLang.
Strong experience with static and dynamic analysis of Android and iOS applications, including hands-on experience with techniques like detours, hooking, and runtime code manipulation
Deep, hands-on knowledge of the latest tactics, techniques, and procedures (TTPs) used in advanced penetration testing and network analysis.
Ability to author comprehensive and technically rigorous reports detailing identified vulnerabilities and research outcomes.
Hands-on experience with industry-standard reversing tools like JADX, Ghidra, or IDA Pro.
Nice to have:
OSCP, OSWE, eWPTXv2, CRTP, or other high-level offensive certifications.
Demonstrated online achievements, write-ups, or contributions on platforms such as HackTheBox, Pwn2Own, TryHackMe, Bug Bounty programs, or published security research.
This position is open to all candidates.
