Camlin Group

Penetration Tester

Poland · Full-time · Associate

About Camlin

Camlin is a global technology leader that operates with the vision of bringing revolutionary products to life for a wide range of industries, including power and rail, and also has interests in a number of R&D projects in a variety of scientific sectors.

At Camlin we believe in high quality engineering and design, allowing us to develop market leading products and services. In short, we love creating value for our customers by solving difficult problems. As of now, Camlin operates in over 20 countries worldwide.🌐

About The Role

As a Penetration Tester (SaaS and IoT) at Camlin, you will be a key person in the defence of our IoT and SaaS ecosystem. This is a hybrid offensive and defensive role where you will secure everything from "IoT to Cloud." You will partner with Engineering, QA, and DevSecOps to validate that security is built into the release process.

We are looking for a technical expert who is proactive in identifying exploitable vulnerabilities and who can collaborate and communicate with stakeholders to provide a satisfactory resolution.

Key Responsibilities

SaaS Security Testing

  • Web & API Penetration Testing: Conduct manual and automated testing of SaaS platforms and backend APIs against the OWASP Top 10 and API Security Top 10.
  • Cloud Infrastructure Review: Assess AWS/Azure environments for misconfigurations, IAM over-privileging, and container security vulnerabilities.
  • Vulnerability Management: Simulate real-world cyberattacks to identify weaknesses in SaaS infrastructures before exploitation.

Advanced IoT & Device Security Testing

  • Linux OS - CIS Benchmark Validation
  • Platform Level – Embedded Web-applications
  • Device Interface Testing: USB, Ethernet, Serial (UART/RS232/RS485).
  • Radio Frequency (RF) & Wireless Security: Standard Comms Protocols e.g. WiFi, Bluetooth.
  • Cryptographic Verification: Ensuring latest cryptographic protocols and secure configuration.
  • Compliance Alignment: Validate products against international standards including IEC 62443-4-1/4-2, the EU Cyber Resilience Act (CRA), and the Radio Equipment Directive (RED).

Secure SDLC Integration & Red Teaming

  • Design & Architecture: Collaborate with Product and Engineering teams to embed security controls during the design phase, providing expert guidance on secure architecture.
  • Automated Testing: Collaborate on SAST, DAST, and SCA tools (e.g., Snyk, Checkmarx, Burp Suite) within CI/CD pipelines.
  • Remediation Support: Document findings in clear technical reports and provide developers with actionable code-level recommendations.
  • Red Teaming

Documentation & Reporting

  • Create, update, and maintain tickets related to security findings and testing outcomes.
  • Produce clear technical documentation, including assessment reports, remediation guidance, and architectural security recommendations.

Essential Requirements

  • 4+ years in a technical security role (Penetration Tester, AppSec Engineer, or Security-focused Developer).
  • Proven expertise in testing both hardware/firmware (IoT) and web-based platforms (SaaS).
  • Scripting Proficiency: Ability to automate tasks using Python, Bash, or similar.
  • Tooling Mastery: Expertise with Burp Suite, Metasploit, Nmap, and hardware-specific tools (Ghidra, Frida, Objection).
  • Certifications: OSCP, CREST (CRT/CCT), or GPEN (highly regarded).

Nice To Have But Not Essential

  • Deep understanding of Linux (Yocto)/Windows internals and modern application architectures.
  • Experience with peripheral standards (I2C, SPI, PCI, PCIe, RS422, RS485, RS232, SATA, PATA, MMC).
  • Familiarity with Agile methodologies and DevSecOps practices.
  • Working knowledge of security standards (OWASP, NIST, ISO 27001).
  • AWS Security Toolchain.

Our Values

  • We work together
  • We believe in people
  • We won’t accept the ‘way it has always been done’
  • We listen to learn
  • We’re trying to do the right thing

Equal Employment Opportunity Statement

Individuals seeking employment at Camlin are considered without regard to race, colour, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, gender identity or sexual orientation.

Key Skills

Ranked by relevance

saas, burp suite, owasp, penetration testing, metasploit, embedded, wireless, ethernet, python, linux, cloud, bash, oscp, nist, cicd, nmap, spi, cis

Posted: Mar 28, 2026
Type: Full-time
Level: Associate
Location: Cracow

Industries

Energy Technology

Categories

Information Technology
