Penetration Tester (Pentester)

Penetration Tester – Risk Advisory

Location: Warszawa

Contract: 12 months

About Us:

The customer delivers best-in-class advisory support and scalable security technology solutions across the firm. Our mission is to protect the confidentiality, integrity, and availability of firm data and systems — ensuring business continuity and technology resilience in the face of ever-evolving threats.

We prevent the misuse, unauthorised disclosure, or loss of firm data across email, file transfer, and internet services, while also providing preventative measures such as business continuity planning, capability design, and the testing of operational mitigants.

The Role:

We are looking for a talented Penetration Tester to join our global team of internal offensive security professionals. This is a high-impact role that offers exposure to some of the firm’s most critical systems, including cloud infrastructure, web applications, authentication systems, and more.

You’ll perform in-depth technical assessments and identify significant vulnerabilities in complex environments, often with access to source code for validation. You’ll also collaborate with engineering and technology teams across the firm to help them build more secure systems from the ground up.

How You Will Fulfill Your Potential:

• Conduct penetration testing on web applications, infrastructure, and cloud platforms, including business-critical systems such as banking platforms and internal frameworks.
• Discover and analyze security vulnerabilities, build exploit chains, and clearly articulate business risks.
• Collaborate with engineering teams to provide practical recommendations and systematic improvements.
• Grow and share knowledge with internal penetration testing community.
• Stay ahead of evolving threat landscapes and technologies by continuously improving your offensive skillset.

Skills and Experience We’re Looking For:

• Proven experience in penetration testing (applications, infrastructure, cloud).
• Deep understanding of web security, exploit development, and chaining vulnerabilities.
• Experience with code review, reverse engineering, fuzzing, and configuration analysis.
• Familiarity with tools such as Burp Suite, Wireshark, Ghidra, and netcat.
• Proficiency in one or more programming languages: Java, JavaScript, Python, C++, or C#.
• Solid knowledge of the TCP/IP stack and common network protocols.
• Strong understanding of cryptography principles and how they're applied in real systems.

Preferred Qualifications:

• Experience crafting custom proof-of-concept exploits.
• Familiarity with cloud platforms and cloud-native security.
• Degree in Computer Science, Cybersecurity, Information Security, or a related discipline.
• Certifications such as OSCP, OSEP, OSWP, or equivalent hands-on expertise.
• Background in disciplines such as network security, IT administration, or infrastructure pentesting is a plus.

Please apply or contact Paulina Laurie at [email protected] for more details.