Penetration Tester

Offensive Penetration Tester – Web & Cloud Security

Location: Stockholm, Sweden (Hybrid – 2-3 days onsite per week)

Language: Swedish and English (Fluent, Mandatory)

A leading Swedish cyber security consultancy is looking for an Offensive Penetration Tester to join their security team. This company provides security services to local Swedish organisations, primarily within the defence and government sectors. The role involves hands-on penetration testing of web applications, cloud environments, and Active Directory, helping clients strengthen their security posture against real-world threats.

The Role

As an offensive penetration tester, you will:

• Perform manual and automated penetration tests on web applications, APIs, and cloud environments.
• Assess Active Directory security, including Kerberos attacks, credential abuse, and privilege escalation risks.
• Identify and exploit vulnerabilities based on OWASP Top 10 and beyond.
• Conduct cloud security assessments across AWS, Azure, or GCP environments.
• Work with Swedish defense and government clients, ensuring security best practices are implemented.
• Provide detailed reports with remediation recommendations tailored to highly regulated industries.
• Stay updated on emerging attack techniques and contribute to research and knowledge sharing.

What We’re Looking For:

• Strong experience in web application penetration testing, following OWASP methodologies.
• Hands-on expertise in Active Directory security testing, including lateral movement techniques.
• Experience with cloud security testing (AWS, Azure, or GCP).
• Proficiency with penetration testing tools (Burp Suite, SQLmap, Responder, Metasploit, etc.).
• Scripting knowledge (Python, PowerShell, Bash, etc.) for exploit development and automation.
• Previous experience working with government, defence, or regulated industries is a strong plus.
• Swedish and English fluency is mandatory due to the nature of the clients.
• Certifications like OSCP, OSWE, GWAPT, or similar are a plus.

If you’re looking for a role where you can apply offensive security techniques in a highly secure environment and work with Swedish national security-focused clients, let’s talk.