Penetration Tester

Position: Penetration Tester – Application & Infrastructure

We are looking for a skilled and motivated Penetration Tester to join our security team and take full ownership of penetration testing activities. This role involves hands-on assessments of applications and infrastructure, risk analysis, and helping secure new initiatives from design to deployment.

Responsibilities:

• Own and manage end-to-end penetration testing processes.
• Conduct manual security assessments on web applications and APIs.
• Perform application and infrastructure penetration tests.
• Assess risks of new features, products, and architectures.
• Perform threat modeling for existing and new applications.
• Review application designs against security best practices.

Mandatory Requirements:

• 3+ years of experience in penetration testing or application security.
• Proven hands-on experience in manual and automated security testing.
• Strong understanding of OWASP and common web vulnerabilities.
• Familiarity with modern web application architectures.
• Self-starter with strong project management capabilities.
• Excellent communication and documentation skills (advantage).

Nice to Have:

• Familiarity with DevOps and DevSecOps practices, including CI/CD security.
• Development experience in at least one modern programming language.
• Experience in secure code reviews.
• Knowledge of cloud platforms and security.
• Background in a consulting or service provider environment.