Job description

We are looking for you if you:

• have several years of hands-on experience in penetration testing and vulnerability assessment,

• ae proficient in various penetration testing tools and methodologies such as Burp Suite, Nmap, Ghidra, IDA, Frida, and others,

• have good knowledge of programming and scripting languages,

• possess strong analytical and problem-solving skills to identify and exploit vulnerabilities,

• hold relevant hands-on certifications (e.g., eWPTX, OSWE, OSEP, BSCP and others).

English level : Communicate fluently in English (B2/C1 level)

You’ll get extra points for:

• knowledge of advanced persistent threats (APTs) and modern attack techniques,

• experience with cloud security and testing cloud environments,

• contributions to the cybersecurity community (e.g., published research, registered CVEs, conference presentations),

• higher technical education, preferably in Information Technology,

• holding additional security certifications (e.g., CISSP, CISA, CISM and others),

• experience working in an international environment.

Your responsibilities:

• conduct comprehensive penetration tests on applications, infrastructure, and systems,

• evaluate and report on the risk of identified vulnerabilities, providing actionable remediation guidance,

• support the implementation of IT security requirements and standards across projects,

• collaborate with development and infrastructure teams to improve security posture,

• mentor and support junior penetration testers and other team members,

• contribute to the development and refinement of internal testing methodologies and tools,

• stay up to date with emerging threats, tools, and techniques in offensive security.

Information about the squad:

As a member of our global CISO, you will join the Offensive Security Center of Expertise (CoE) with 40 pentesters (divided into 3 squads), which plays a key role in proactively identifying security risks across the organization. This is a strategic initiative for the company, focused on enhancing cyber resilience through advanced penetration testing and red teaming. You will work in a modern, international environment with access to the latest tools and technologies.The role naming convention in the global ING job architecture will be “Engineer III”.