Penetration Tester, Security Assessment Platform

DataArt·Armenia, Cyprus, Georgia, Kazakhstan, Poland, Serbia·Удалённо, Офис·3 нед. назад

About the Position

We are looking for a Middle Penetration Tester who will be involved in network and application level security assessments. You will use automated tools and manual techniques to identify and verify security vulnerabilities. This role includes preparing assessment reports, interacting with clients to clarify scope and gather information, and contributing to the improvement of security processes and tools.

About the Project

A security focused initiative aimed at performing vulnerability assessments and penetration tests for a variety of digital systems. The project supports continuous improvement of security practices and contributes to the development of internal tools and methodologies. The work includes research activities, process enhancement, and collaboration with technical teams to strengthen overall security posture.

About the Team

You will join a security oriented team that consists of penetration testers, security analysts, and engineers. The team collaborates closely, shares knowledge, and supports research and internal tool development.

Responsibilities

Conduct network and application level security assessments
Use automated tools and manual techniques to identify and validate vulnerabilities
Prepare clear and comprehensive assessment reports with root cause details and remediation steps
Communicate with clients to gather information, clarify scope, and discuss security controls
Support internal security competence development through research, tool creation, and process improvement
Collaborate with other team members across security and engineering domains

Requirements

One year of experience performing vulnerability assessments and penetration tests
Three years of experience in the IT industry with familiarity across technologies such as Linux, Windows, Active Directory, JavaScript, .NET, SQL
Experience applying structured methodology for vulnerability assessments and penetration tests
Understanding of web application vulnerabilities
Ability to describe and report vulnerabilities along with typical remediation activities
Experience with open source and commercial security tools including Burp Suite, Nessus, Metasploit, Nmap, sqlmap
Knowledge of programming or scripting for creating auxiliary security tools
Ability to work effectively with customers and self manage in challenging situations

Nice to Have

Security certifications including OSCP, CRTO, CPTS, eWPT, BSCP
Strong programming experience in a modern language
Experience with mobile application penetration testing
Experience with reverse engineering and binary analysis
Experience publishing technical content or speaking at industry events
Familiarity with security standards including PCI DSS and ISO 27000

Technologies

Burp Suite, Nessus, Metasploit, Nmap, sqlmap, Linux, Windows, Active Directory, JavaScript, .NET, SQL, scripting languages