About the Project
We are looking for an experienced pentester with an active EU/NATO Secret (minimum) security clearance for a grey box web security assessment project. The project covers security testing of web applications and APIs using the OWASP ASVS methodology in an assumed breach scenario. Estimated scope: ~75 MD.
Responsibilities
- Grey box security assessment of web applications and APIs
- Penetration testing following the OWASP ASVS methodology
- Executing assumed breach scenarios
- Identifying and verifying security vulnerabilities
- Preparing technical reports with remediation recommendations
- Collaborating with the client’s project team
Requirements
- Active EU/NATO Secret security clearance (minimum)
- Experience in penetration testing of web applications and APIs
- Practical knowledge of the OWASP ASVS methodology
- Familiarity with tools: Burp Suite, OWASP ZAP, Kali Linux
- Ability to write clear technical reports
- Availability for a ~75 MD project
Nice to Have
- Certifications: OSCP, OSWE, GWAPT, CEH
- Experience in projects requiring security clearance
- Knowledge of OWASP Top 10, OWASP Testing Guide
- Experience with security testing in regulated environments
- Scripting skills (Python, Bash)
What We Offer
- Project-based collaboration (B2B) — ~75 MD
- Competitive rates reflecting the required security clearance
- Working on a high-security project
- nFlo team support
Apply for Collaboration
Send your profile or portfolio. We'll respond within 7 business days.
Have questions? Email us at: wspolpraca@nflo.pl