Senior Application Security Pentester (SAST & DAST)

Location: Luxembourg (Hybrid – 4 days onsite / 1 remote)

Contract: Freelance | Long-term

Daily Rate: 350€

Start: ASAP

About the Role

At wBrain, we are looking for a Senior Application Security Pentester to join a long-term enterprise application security programme. You will work on white-box testing initiatives, contributing directly to improving the security posture of large-scale applications in a stable and growing environment.

Key Responsibilities

• Perform white-box application penetration testing using SAST and DAST methodologies.
• Conduct source code reviews to identify vulnerabilities and insecure coding patterns.
• Execute and manage security assessments using HCL AppScan.
• Analyse findings, assess risk impact, and propose remediation actions.
• Collaborate closely with development, testing, and security teams.
• Produce clear technical reports and support remediation validation.

Mandatory Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related field.
• CEH – Certified Ethical Hacker (or equivalent recognised certification).
• Minimum 2+ years of hands-on experience in application security / penetration testing.
• Strong practical experience with SAST & DAST.
• Proven experience in source code review for security vulnerabilities.
• Solid understanding of secure coding practices and OWASP Top 10.
• Fluent English and French (written and spoken).
• Availability to work 4 days per week onsite in Luxembourg.

Nice to Have

• Experience with HCL AppScan (strong plus).
• Exposure to enterprise or regulated environments.
• Additional security certifications (OSCP, GWAPT, CSSLP, etc.).

Why Join wBrain?

• Long-term engagement with strong project continuity.
• High-impact application security programme.
• Stable environment with room for growth.
• Collaboration with experienced security professionals across Europe.

📩 Apply by sending your CV to:

[email protected]