Company Description

OMNIVERSE is a cybersecurity consulting firm committed to empowering organizations in defending against modern digital threats. With deep expertise in protecting critical information assets and ensuring compliance with regulatory standards, OMNIVERSE delivers premium security services. Headquartered in Istanbul, we proudly serve some of Turkey’s most prominent holding companies and institutions, helping them secure their digital infrastructures with confidence.

We support enterprises in building cyber resilience through cutting-edge penetration testing and adversary emulation services. As part of our growing team, we are looking for an ethical and detail-oriented Penetration Tester who can mimic real-world attack scenarios, detect weaknesses, and communicate remediation steps effectively.

Role Description

We are hiring a Penetration Tester for a full-time, hybrid position based in Istanbul. The successful candidate will conduct security evaluations, assess application vulnerabilities, and engage in adversarial simulations. The role involves working closely with OMNIVERSE’s internal security team to continuously enhance our offensive capabilities and deliver value to clients.

Responsibilities

• Perform manual penetration tests, particularly on web applications, following recognized frameworks (e.g., OWASP, PTES).
• Identify vulnerabilities in authentication, session handling, input validation, access controls, and related areas.
• Use and customize tools, exploits, and scripts to simulate sophisticated attack paths.
• Automate tasks using scripting languages such as Python, Bash, PowerShell, or others.
• Collaborate with technical teams to explain findings and suggest actionable fixes.
• Optionally contribute to Red Team operations and adversary simulation exercises (for advanced roles).
• Write clear, technically accurate reports and executive-level summaries.
• Actively share knowledge and contribute to internal R&D efforts.

Must-Have (Junior Levels):

• Strong grasp of fundamental security concepts, including the OWASP Top 10.
• Solid understanding of application architecture, networking, and general IT infrastructure.
• Capable of writing structured, client-facing vulnerability assessments.
• Proficient in English and Turkish.
• A proactive learner with a curious mindset and interest in mentorship.
• For senior candidates: experience in red teaming, threat emulation, and advanced offensive techniques is preferred.

Qualifications

• Hands-on experience or academic background in cybersecurity, application security, or offensive security.
• Strong problem-solving and critical-thinking skills.
• Relevant industry certifications (e.g., OSCP, OSWE, TSE) are a plus.
• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).