Senior Security Penetration Tester

Description

Summary: This Senior Security Penetration Tester role focuses on identifying vulnerabilities and strengthening security across web, mobile, cloud, and LLM integrations for clients. Highlights: 1. Identify vulnerabilities and define security requirements 2. Conduct vulnerability assessments and penetration tests 3. Collaborate on security assessments and provide remediation recommendations We are looking for a **Senior Security Penetration Tester** to join our team. This role requires advanced technical skills in Web and Mobile application security, as well as expertise in modern technology stacks such as cloud environments and LLM integrations. You will be responsible for identifying vulnerabilities, defining security requirements, and helping to strengthen the security posture of our clients. **Responsibilities** * Identify relevant security specifications and standards for projects * Define and document security requirements for applications and systems * Select appropriate security tools and outline associated security checks * Develop comprehensive security testing strategies * Scope, estimate, and manage multiple tasks independently * Conduct vulnerability assessments and penetration tests on various platforms * Collaborate with technical and management teams throughout the security assessment lifecycle * Record all discovered issues using different reporting formats, including Jira and Confluence * Provide actionable remediation recommendations for identified vulnerabilities * Work with proposal teams to support client presentations and documentation * Participate in Security Champions meetings and contribute to ongoing process improvements **Requirements** * Bachelor’s or Master’s degree in Computer Science, related field, or equivalent experience * At least 3 years of hands\-on experience in security testing or penetration testing * Experience with Web Services, including SOAP and RESTful APIs * Proficiency in testing Web Applications across multiple frameworks and architectures * Background in Mobile Application security for iOS, Android, and optionally Windows Mobile * Experience with Client Applications, focusing on Windows and Linux thin and thick clients * Knowledge of Chatbots and LLM integrations, including adversarial testing and prompt injection * Familiarity with Cloud Environments, especially application\-layer security and identity management * Skilled in using security tools such as Burp Suite, Nmap, OWASP ZAP, or similar * Ability to evaluate requirements, processes, and technologies from a security perspective * Capable of selecting, educating, and communicating the right security solutions based on client needs * Able to explain assessment findings to both technical and non\-technical audiences * Experience in preparing security\-related documentation * Fluent English communication skills, both written and spoken, at B2\+ level or higher **Nice to have** * Understanding and hands\-on experience with security testing methodologies such as OSSTM, OWASP, and PTES * Ability to develop, implement, and guide security assessment processes within projects * Familiarity with static and dynamic analysis tools for mobile and client applications, such as MobSF or similar