Senior Penetration Tester

Join us, and innovate in the realm of cyber protection!

Krakow-based opportunity with the possibility to work 100% remotely!

As a Senior Penetration Tester, you will be working for our client, a leading financial institution known for its commitment to robust cybersecurity practices. In this role, you will play a pivotal part in ensuring the security of the customer’s technology infrastructure by identifying vulnerabilities and implementing effective risk mitigation strategies. You will collaborate with global cybersecurity teams and stakeholders to enhance security measures and protect the institution’s values, reputation, and stakeholder interests.

Your main responsibilities:

• Performing highly technical security assessments of custom mobile applications, infrastructure, networks, web services, and APIs
• Leading and conducting penetration tests to clearly articulate risk to the business in understandable terms
• Documenting root cause and risk analysis of all findings professionally and clearly
• Collaborating with DevOps teams to meet security testing requirements and automate repetitive tasks
• Developing an understanding of business functionality and applying appropriate testing methodologies
• Coding and demonstrating basic proof-of-concept exploits of vulnerabilities when necessary
• Advising on vulnerability remediation, control implementation, and secure development practices
• Assisting in planning, test execution, and vulnerability mitigation
• Mentoring junior team members and providing guidance and supervision
• Representing the Cybersecurity function as a technical SME in internal and external discussions

You’re ideal for this role if you have:

• At least 5 years of hands-on experience in penetration testing
• Fluent English
• Critical thinking abilities to clearly articulate identified issues and their consequences
• Capability to converse on cybersecurity aspects with both technical and non-technical audiences
• Broad penetration testing and/or leadership management skills
• Understanding of the business context and significance of technical penetration testing findings
• Consistent output of superior quality deliverables
• Entrepreneurial attitude to excel in loosely defined scenarios
• Ability to work independently or lead any size team of penetration testers
• Excellent time management skills and self-discipline

It is a strong plus if you have:

• Strong understanding of software development lifecycles, especially DevOps
• Experience with dynamic and static application security testing and associated tools
• Experience with performing security code reviews for Java, Objective C, Swift, and Kotlin programming languages
• Knowledge of security verification mechanisms such as SSL, Pinning, Biometric Authentication, Out of Band Authentication, JWT, SAML, RASP, OAuth2, etc.
• Hands-on experience with SAST, DAST, IAST tools and ways to supplement their limitations
• Prior programming experience with Java, Kotlin, Objective C & Swift programming languages

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #5423