Pen Tester

Bosta is a rapidly growing tech startup redefining logistics and financing for e-commerce in the Middle East and Africa. We empower digital entrepreneurs with robust, end-to-end solutions that streamline trade, provide world-class logistics, and facilitate seamless business operations.Our engineering culture is centered around delivering exceptional user experiences and automating every internal operation—from Operations and CS to Accounting and Sales. As we scale, we lean on automation, data, and AI to move faster and innovate smarter.

Main Responsibilities:

• White Box Web Application Penetration Testing: Perform in-depth assessments of web applications using source code, architecture diagrams, and other internal documentation to identify vulnerabilities and security gaps.
• API Penetration Testing: Evaluate RESTful APIs for security flaws, including authorization, authentication, data exposure, business logic vulnerabilities, and protocol-specific threats.
• Threat Modeling & Risk Assessment: Analyze application designs and threat models to discover potential weaknesses before testing begins.
• Vulnerability Identification.
• Reporting & Communication: Clearly document findings, evidence, and remediation steps; present results to technical and non-technical stakeholders.
• Collaboration: Work hand-in-hand with development, DevOps, and infrastructure teams to design secure applications and validate remediation efforts.
• Security Best Practices: Stay up-to-date on the latest security trends, vulnerabilities, and exploitation techniques relevant to web and API environments.

Key Skills Required:

• Experience:2+ years in penetration testing, with a focus on mobile, web applications, and APIs.
• Hands-on experience with white box testing methodologies.
• Strong understanding of web application architectures, authentication, and authorization mechanisms.
• Familiarity with JavaScript, Python, Java, or other modern programming languages.
• Experience reading and analyzing source code to identify security issues.
• Proficiency with common penetration testing tools, Knowledge of secure coding standards and practices.
• Excellent problem-solving and analytical skills.
• Effective written and verbal communication.
• Strong attention to detail and ability to work both independently and as part of a team.