Senior Penetration Tester

About the Role
We are looking for a Security Engineer who will support both penetration testing efforts and in-house development of security tooling. The ideal candidate has solid programming experience and a strong foundation in identifying, analyzing, and remediating vulnerabilities across applications, networks, and systems. In addition to testing responsibilities, this role will contribute to the development and maintenance of internal InfoSec tools, and serve as a technical advisor during forensic investigations.

What You Will Do

• Conduct penetration tests on internal and external systems, applications, and infrastructure.  
• Develop, improve, and maintain custom security tools for internal use.  
• Provide technical expertise and guidance during forensic investigations and incident analysis.  
• Document test results and forensic findings with actionable recommendations.  
• Collaborate with engineering, infrastructure, and compliance teams to drive security improvements.  
• Stay informed of current security trends, vulnerabilities, and exploits.

What We Are Looking For

• Bachelor's or Master's degree in Computer Science, Information Security, or related fields.  
• Solid programming skills (e.g., Golang, Python, JavaScript, or others).  
• Proven experience in penetration testing (web, mobile, and/or network).  
• Certifications such as **OSCP** or **CREST** are mandatory.  
• Knowledge of security frameworks (e.g., OWASP Top 10, NIST, CIS).  
• Ability to analyze incidents and provide forensic guidance.  
• Strong problem-solving and communication skills. 

Nice to Haves

• Familiarity with Golang is a plus.  
• Experience in code review, secure coding practices, and threat modeling.  
• Additional certifications such as OSCE, CEH, or GCIH.  
• Experience with CI/CD integration for security tools or automated testing.  
• Exposure to cloud or container security (AWS, GCP, Docker, Kubernetes).  
• Involvement in CTFs, bug bounties, or open-source security projects.