Pentester (Mid)

About the Project

We are looking for mid-level pentesters to collaborate on an international security project. The role requires working during fixed business hours 9:00–17:00 Polish time (CET/CEST), fully remote. The project demands diverse competencies — from web application testing to infrastructure security.

Responsibilities

• Penetration testing of web applications, APIs, and mobile applications
• IT infrastructure security testing (external and internal)
• Vulnerability scanning and manual verification of results
• Preparing technical reports with remediation recommendations
• Collaborating with an international security team
• Participating in planning and review sessions with the client

Requirements

• Minimum 2 years of experience in penetration testing
• Practical knowledge of tools: Burp Suite, Kali Linux, Nmap, Metasploit
• Knowledge of OWASP Top 10 and OWASP Testing Guide methodologies
• Ability to test REST APIs and GraphQL
• Basic scripting skills (Python, Bash, or PowerShell)
• Ability to write clear technical reports in English
• Good command of English (daily communication with an international team)
• Availability during 9:00–17:00 CET/CEST hours (Monday–Friday)

Nice to Have

• Certifications: OSCP, CEH, eJPT, GPEN
• Experience with cloud security testing (AWS, Azure)
• Knowledge of Active Directory security
• Experience with wireless network testing
• Participation in bug bounty programs (HackerOne, Bugcrowd)
• Familiarity with CI/CD tools and DevSecOps

What We Offer

• Project-based collaboration (B2B contract) — long-term project
• Competitive rates
• Fully remote work with fixed hours (9–17 CET)
• Certification and training funding
• Working in an international environment
• Access to security labs and tools