We are seeking a highly skilled and experienced Senior Penetration Tester to join our cybersecurity team. The ideal candidate will have extensive expertise in identifying vulnerabilities across diverse platforms, developing Proof-of-Concept (PoC) exploits, and delivering comprehensive reports. The candidate will work on a variety of projects, including web applications, API, mobile app, and infrastructure penetration testing. Additionally, the role involves red team exercises, source code reviews, and providing actionable remediation recommendations.

Responsibilities 

• Conduct advanced penetration tests on Web Applications, APIs, Mobile Applications and Infrastructure using approved tools and best practices
• Perform static code analysis, focusing on .NET, Java, and occasionally PHP
• Participating in or leading team engagements to simulate real-world attacks
• Develop PoC exploits to demonstrate vulnerabilities and their business impact
• Prepare detailed reports with findings, risk assessments, and mitigation strategies
• Write concise and actionable executive summaries for non-technical stakeholders
• Work with development and infrastructure teams to address vulnerabilities and enhance security

Competencies (Soft Skills)

• Communication skills
• Analytical skills
• Detail oriented
• Cooperation and Teamwork
• Active learning skills
• Time management
• Problem solving skills
• Positive Attitude
• Strong Work Ethic

Personnel specifications

Diploma: Bachelor’s or master’s degree in computer science, Cybersecurity, Information Technology, or a related field.
Experience: 3 years of practical experience as a penetration tester.
Specific areas of expertise:
Requirements:

• Extensive experience in penetration testing, covering Web Applications, APIs, Mobile Applications, and Infrastructure
• Strong knowledge of OWASP Top 10 and MITRE ATT&CK Framework
• Experience in red teaming engagements, including adversary simulation and bypassing detection mechanisms
• Knowledge of secure coding practices and remediation strategies
• Excellent report writing and communication skills to convey technical findings effectively to both technical and non-technical stakeholders
• Strong analytical and problem-solving skills to identify and exploit complex vulnerabilities
• Ability to work collaboratively with cross-functional teams (development, DevOps, infrastructure) to resolve vulnerabilities
• Scripting and programming knowledge (Python, Bash, JavaScript) is a plus

Certifications

• Certifications such as OSCP, OSWE, OSEP, CRTL or similar are preferred

Language Skills

• Azerbaijani (required)
• English (required)

Salary: upon the interview

Interested candidates can send their CV to the e-mail address in the Apply for job button by mentioning Senior Penetration Tester in the subject line.