Penetration tester

💚About Groupon
At Groupon, we connect millions of customers with local businesses every day. Security is paramount to this mission, ensuring our digital landscape remains resilient and safe. We are looking for a passionate Penetration Tester to join our global security team and play a critical role in safeguarding our infrastructure and maintaining compliance with key standards like PCI DSS.

🚀Your Mission
As a Penetration Tester at Groupon, you’ll be at the forefront of ensuring the security of our web, mobile applications, and infrastructure. You’ll identify vulnerabilities, manage their remediation, and help protect sensitive information. In this role, you'll have the opportunity to make a direct impact on the security of Groupon's global platform, ensuring our customers' data stays safe and secure.

💪🏼What You’ll Do

• Web Application Testing: Conduct penetration tests to uncover vulnerabilities like SQL injection, XSS, and other OWASP Top Ten risks.

• Mobile Application Testing: Perform security assessments on iOS and Android apps using advanced tools and methods.

• Infrastructure Testing: Test the security of our networks, servers, and firewalls to ensure our infrastructure is secure from potential threats.

• Vulnerability Management: Track and manage vulnerabilities, working with cross-functional teams to ensure prompt remediation.

• Security Reporting: Prepare detailed reports on findings and recommend clear remediation strategies.

• Compliance Support: Help maintain PCI DSS compliance, aligning all security activities with regulatory requirements.

👌Why You’ll Love It Here

• The thrill of identifying and resolving security vulnerabilities in critical applications.

• Collaborating with a global, dynamic team to improve security practices.

• Having an integral role in the protection of sensitive customer and company data.

• Opportunity to grow into a Senior Penetration Tester or Vulnerability Manager within 1-2 years.

📖What You Bring

• 4+ years of hands-on penetration testing experience in web, mobile, and infrastructure environments.

• Proficiency in penetration testing tools like Burp Suite, Qualys, and Metasploit.

• Strong understanding of web and mobile security standards (OWASP Top Ten).

• Familiarity with network security and infrastructure testing.

• Certifications like OSCP, CEH, or similar are a plus.

• Effective communication skills, able to explain complex security issues to both technical and non-technical stakeholders.

✅Nice-to-Have

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

• Knowledge of PCI DSS standards.

Ready to Apply?
If you're passionate about cybersecurity and want to be part of a team that values proactive defense and cutting-edge security measures, we'd love to hear from you! Apply now and help us build a more secure future at Groupon.

Groupon’s purpose is to build strong communities through thriving small businesses. To learn more about the world’s largest local ecommerce marketplace, click here. You can also find out more about us in the latest Groupon news as well as learning about our DEI approach. If all of this sounds like something that’s a great fit for you, then click apply and join us on a mission to become the ultimate destination for local experiences and services.

Beware of Recruitment Fraud: Groupon follows a merit-based recruitment process without charging job seekers any fees. We've noticed an increase in recruitment fraud, including fake job postings and fraudulent interviews and job offers aimed at stealing personal information or money. Be cautious of individuals falsely representing Groupon's Talent Acquisition team with fake job offers. If you encounter any suspicious job offers or interview calls demanding money, recognize these as scams. Groupon is not responsible for losses from such dealings. For legitimate job openings, always check our official careers website at grouponcareers.com.