We are seeking a highly skilled and experienced Senior Penetration Tester to join our cybersecurity team. The ideal candidate will have extensive expertise in identifying vulnerabilities across diverse platforms, developing Proof-of-Concept (PoC) exploits, and delivering comprehensive reports. The candidate will work on a variety of projects, including web applications, API, mobile app, and infrastructure penetration testing. Additionally, the role involves red team exercises, source code reviews, and providing actionable remediation recommendations.
Responsibilities
- Conduct advanced penetration tests on Web Applications, APIs, Mobile Applications and Infrastructure using approved tools and best practices
- Perform static code analysis, focusing on .NET, Java, and occasionally PHP
- Participating in our leading team engagements to simulate real-world attacks
- Develop PoC exploits to demonstrate vulnerabilities and their business impact
- Prepare detailed reports with findings, risk assessments, and mitigation strategies
- Write concise and actionable executive summaries for non-technical stakeholders
- Work with development and infrastructure teams to address vulnerabilities and enhance security
Competencies (Soft Skills)
- Communication skills
- Analytical skills
- Detail oriented
- Cooperation and Teamwork
- Active learning skills
- Time management
- Problem solving skills
- Positive Attitude
- Strong Work Ethic
Personnel specifications
- Diploma: Bachelor’s or master’s degree in computer science, Cybersecurity, Information Technology, or a related field.
- Experience: 3 years of practical experience as a penetration tester.
Specific areas of expertise:
Requirements:
- Extensive experience in penetration testing, covering Web Applications, APIs, Mobile Applications, and Infrastructure
- Strong knowledge of OWASP Top 10 and MITRE ATT&CK Framework
- Experience in red teaming engagements, including adversary simulation and bypassing detection mechanisms
- Knowledge of secure coding practices and remediation strategies
- Excellent report writing and communication skills to convey technical findings effectively to both technical and non-technical stakeholders
- Strong analytical and problem-solving skills to identify and exploit complex vulnerabilities
- Ability to work collaboratively with cross-functional teams (development, DevOps, infrastructure) to resolve vulnerabilities
- Scripting and programming knowledge (Python, Bash, JavaScript) is a plus
Certifications
- Certifications such as OSCP, OSWE, OSEP, CRTL or similar are preferred
Language Skills
- Azerbaijani (required)
- English (required)
Salary: upon the interview
Interested candidates can send their CV to the e-mail address in the Apply for job button by mentioning Penetration Tester in the subject line.