Senior Penetration Tester

Project description:We are looking for an experienced Senior Pentester who will be responsible for conducting advanced security assessments of applications, systems, and IT infrastructure. In this role, you will work on projects covering web and mobile applications as well as infrastructure environments, identifying vulnerabilities and supporting clients in effectively mitigating them. The position also involves designing attack scenarios, improving testing methodologies, and collaborating with both technical and business teams.Main responsibilities:Perform penetration tests of web applications, mobile applications, and infrastructure (internal and external)Identify, analyze, and report vulnerabilities along with remediation recommendationsDevelop realistic attack scenarios (manual and partially automated)Collaborate with development and DevOps teams to improve security postureSupport threat modeling and security architecture reviewsContribute to the development of internal tools and testing standardsMentor junior and mid-level team membersTech stack:Web & API Security: Burp Suite Professional, OWASP Top 10, ASVS, OWASP API SecurityMobile Security: MobSF, Frida, Objection, Android & iOS Security TestingInfrastructure & Network: Nmap, Nessus, Metasploit, Active Directory, WiresharkCloud Security: AWS, Azure, GCP (Security Services)Methods & Frameworks: Manual Exploitation, Secure Code Review, SSDLC, PTESOperating Systems: Kali Linux, Parrot OS, Windows Server, Linux (Debian/RHEL)Requirements:Minimum 5 years of hands-on experience in penetration testingStrong knowledge of web application security (e.g., OWASP Top 10, ASVS, OWASP Top 10 API)Experience in mobile application testing (Android/iOS)Solid understanding of infrastructure security (networks, systems, Active Directory, cloud)Proven ability to manually exploit vulnerabilitiesFamiliarity with tools such as Burp Suite, Metasploit, Nmap, Nessus, MobSF, Frida or similarAbility to produce clear technical and executive-level reportsStrong analytical skills and an “attacker mindset”