Penetration Tester

Freelance Senior Penetration Tester

Munich, Germany (Remote/On-site Hybrid)

Freelance, Project-based

Cybersecurity, IT, Industrial Security

We are seeking an experienced Senior Penetration Tester to join our cybersecurity team on a freelance basis. The ideal candidate will bring a deep understanding of penetration testing methodologies and tools, coupled with a proven track record of identifying and addressing vulnerabilities in complex IT and OT environments. Based in Munich, this role offers flexibility with the option for remote work, though occasional on-site visits to client locations in Munich and across Germany may be required.

As a Senior Penetration Tester, you will lead advanced security assessments, simulate sophisticated cyberattacks, and provide actionable recommendations to fortify our clients’ systems. You will be working on high-impact projects across sectors including financial services, manufacturing, energy, and critical infrastructure.

Key Responsibilities:

• Conduct comprehensive penetration tests on networks, applications (web, mobile), and OT systems to identify vulnerabilities.
• Simulate advanced cyberattacks (red teaming) to test the resilience of client infrastructures.
• Perform security assessments on IT/OT environments, including ICS/SCADA systems, for industrial clients.
• Lead security audits and vulnerability assessments, providing clear and detailed reports with recommendations for remediation.
• Collaborate with client stakeholders to develop tailored solutions for securing their infrastructure.
• Stay up-to-date with the latest security trends, threat landscapes, and penetration testing techniques.
• Provide mentoring and guidance to junior team members, when applicable.

Requirements:

• Minimum of 5+ years of experience in penetration testing and cybersecurity, with a focus on IT and OT environments.
• Strong knowledge of common penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Nessus, Nmap, Kali Linux).
• Experience in testing industrial control systems (ICS), SCADA, and other OT environments is a major plus.
• Familiarity with security standards and regulations (e.g., IEC 62443, ISO 27001, GDPR).
• Proven ability to perform manual testing and not just rely on automated tools.
• Certifications such as OSCP, OSCE, CEH, or similar are highly desirable.
• Strong understanding of common vulnerabilities and exposures (CVE), OWASP Top 10, and MITRE ATT&CK framework.
• Excellent communication and reporting skills, with the ability to explain technical issues to non-technical stakeholders.
• Fluent in English; proficiency in German is a strong advantage.

Preferred Qualifications:

• Experience with red teaming engagements and adversary simulation.
• Previous consulting or freelance experience in cybersecurity.
• Familiarity with OT environments and industrial cybersecurity challenges.

What We Offer:

• Competitive freelance rates based on experience and project scope.
• Flexible working environment with remote work options.
• Opportunity to work on high-profile cybersecurity projects across multiple industries.
• Collaboration with a skilled and diverse team of cybersecurity experts.

If you’re a highly skilled Penetration Tester based in Munich with a passion for tackling complex security challenges, we’d love to hear from you!