CrawlJobs Logo

Application Penetration Tester

https://www.bosch.pl/ Logo

Robert Bosch Sp. z o.o.

Location Icon

Location:
Poland, Warszawa

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for security engineer who loves solving interesting problems and think "secure" is just a matter of perspective. You will be performing high end security evaluations focusing on web applications, APIs, mobile applications, thick client applications and cloud environments.

Job Responsibility:

  • Black-box and Grey Box penetration test applications
  • Security testing including reverse engineering of Mobile applications (Android and iOS)
  • Create innovative attacks tools/automations for project specific needs
  • Communicate complex vulnerability results to technical and non-technical audience
  • Perform research and contribute to open-source community on new attack methodology, vulnerability findings
  • Scope penetration tests and contribute to penetration test project management

Requirements:

  • Minimum 5 years of combined experience in penetration testing and security engineering roles
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
  • Attacker mindset for breaking the websites with practical knowledge of OWASP
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • In depth experience with common automated VAPT tools such as Nessus, Burp Suite
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
  • Fluent English (both verbal and written)
  • Ability to work independently and as part of a cross-functional team
  • Strong analytical and problem-solving capabilities
  • Structured and systematic approach to projects

Nice to have:

Proficiency in German language is a plus

What we offer:
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December

Additional Information:

Job Posted:
October 20, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Penetration Tester

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
Job Responsibility
  • Scoping and executing of complex penetrations test across a wide scope of technologies, products, services, and applications and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

The role involves conducting deep-dive vulnerability assessments on a variety of...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree with a minimum of 5 years of experience
  • Expertise in Java, JavaScript (React, Node.js), .NET (ASP.NET, C#, Webflow, MVC, WebAPI), Application Infrastructure (Web/Application Servers, Databases, Middleware Components), and Cloud Computing (Google Cloud Platform, AWS, Azure)
  • Expertise in application security, ethical hacking using security tools (Burp Suite, AppScan), knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling
  • Industry-accredited security certifications such as GIAC GWAPT, GPEN, GXPN, OSCP and/or CISSP
Job Responsibility
Job Responsibility
  • Act as a subject matter expert in offensive information security
  • Drive remediation by outlining a defense-in-depth approach
  • Report and articulate vulnerability assessment results
  • Contribute to the review of internal processes and activities
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

We’re looking for a principal Security Testing Engineer to work closely with the...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years penetration testing experience in a consultancy, dedicated internal pentesting team, or similar offensive security function
  • 2+ years experience as an offensive security team lead
  • Strong experience in white-box application security testing
  • Full stack application security technical experience
  • Delivery focused
  • Experience mentoring junior penetration testers
  • The ability to complete a penetration test and code review of a modern cloud application
  • Experience leading security teams on complex penetration testing engagements
  • Strong, practical understanding of security testing methodologies, supporting infrastructure requirements and legal considerations
  • Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams
Job Responsibility
Job Responsibility
  • Providing SME knowledge and guidance to a team of pen testers/code review
  • Continuing to mature pen testing/code review workflows
  • Identifying and recruiting top-class penetration testing talent
  • Supporting and guiding the growth of a India based penetration testing team
  • Analysing vulnerability data for trends and gaps in controls
  • Identifying significant vulnerabilities in Atlassian products prior to production deployment
  • Building contacts in the Atlassian engineering team, product team and security team
  • Building and leveraging existing contacts to identify potential talent to join the team
  • Establishing testing processes in the local team that complements and extends existing processes
  • Identifying insights which contribute to strategic investments
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

Product Security Engineer

At Atlassian, we're motivated by a common goal: to unleash the potential of ever...
Location
Location
United States , San Francisco
Salary
Salary:
150700.00 - 206000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Cybersecurity or related field
  • 24 months of experience working as Application Security Engineer, Product Security Engineer, or Penetration Tester
  • experience in application security tooling such as BurpSuite Pro, Postman, Docker, Command Line Interface (CLI) tools, Nmap, and Metasploit
  • understanding and coding common programming languages such as Java, Python, or Go
  • penetration testing, vulnerability assessment, composing and generating vulnerability reports
  • administering and managing Jira project
  • data analysis and data visualization tooling such as Tableau and Databricks
  • code versioning tools such as Bitbucket Cloud and GitHub
  • must pass technical interview
Job Responsibility
Job Responsibility
  • Evaluate submissions from security researchers to bug bounty program, assess the impact of each vulnerability, and communicate with the researcher community to help obtain additional details that may be helpful to engineering teams as they work to remediate the issues
  • drive improvement to the policies, processes, and automation to make bug bounty programs effective and ensure to get the most accurate information about each vulnerability to the proper engineering team as quickly as possible
  • work on vulnerability management improvements on processes, policies and standards
  • make sure the company's products and services are safe and secure, the internal vulnerability management workflow is accurate and up to date
  • identify vulnerabilities at scale and help engineering teams systematically remediate them
  • work on securing open-source supply chain
  • interact with some of the world’s leading security researchers through bug bounty program
  • build cutting edge tools to help identify and remediate vulnerabilities at scale
  • work with web application security and a strong ability to work with colleagues to develop and build solutions to help us scale in order to be successful in this role
  • read and write code
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Cybersecurity Red Team Project Manager

The Cyber Security Project Manager focuses on coordinating penetration testing p...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Technical expertise in system security vulnerabilities, remediation techniques, and network/web protocols (e.g., TCP/IP, UDP, IPSEC, HTTP)
  • experience in network, web application, and mobile penetration testing
  • familiarity with penetration testing tools and suites (e.g., Kali Linux, Burp Suite, Metasploit, Cobalt Strike, Mimikatz)
  • understanding of vulnerability scoring systems (CVSS) and frameworks (MITRE ATT&CK)
  • software development skills (C/C++, Java, Python) are advantageous
  • at least one relevant security certification (e.g., CEH, GPEN, GXPN, OSCP, OSC, or equivalent).
Job Responsibility
Job Responsibility
  • Coordinate all project activities with internal stakeholders (Lead Penetration Tester, Awareness Expert, Technical Quality Manager) and the customer
  • plan and execute penetration testing tasks, including scoping meetings and drafting the penetration testing plan
  • prepare and control access rights for penetration tests
  • refine and manage the security test calendar/schedule, ensuring tasks are executed according to plan
  • proactively inform stakeholders (e.g., ECB) about issues such as delays, resource unavailability, or other factors affecting testing or timelines
  • oversee quality assurance for penetration tests, including reviewing penetration testing reports
  • coordinate threat-based testing with the Lead Penetration Tester and awareness sessions with the Awareness Expert
  • support process improvement and documentation of vulnerability management in collaboration with the Technical Quality Manager
  • facilitate stakeholder communication and ensure completeness of handovers and knowledge transfer between resources.
What we offer
What we offer
  • Mobility options (including a company car)
  • insurance coverage
  • meal vouchers
  • eco-cheques
  • continuous learning opportunities through the Sopra Steria Academy
  • the opportunity to connect with fellow Sopra Steria colleagues at various team events.
  • Fulltime
Read More
Arrow Right

Cloud Security Test Engineer

This role involves designing and executing complex penetration tests against clo...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology
  • Minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments
  • In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications
  • Proficiency in advanced penetration testing tools and techniques, such as Burp, ZAP, Metasploit, Cobalt Strike, and PowerSploit
  • Experience with container technologies (Docker, Kubernetes) and serverless architectures
  • Strong scripting skills (Python, PowerShell) for automation and custom tool development
  • Experience with security orchestration, automation, and response (SOAR) platforms
  • Active security certifications such as OSCP, CSSLP or related is strongly desired
  • Ability to work well under minimal supervision
  • Requires strong interpersonal, organizational, written and verbal communication skills
Job Responsibility
Job Responsibility
  • Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores
  • Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools
  • Assess the security posture of cloud-native applications, microservices, and serverless architectures
  • Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement
  • Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools
  • Assign tasks, review deliverables, and ensure project timelines are met
  • Develop and maintain standard operating procedures for complex penetration testing activities
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Cloud Automation Test Engineer

This role involves designing and executing complex penetration tests against clo...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology
  • Must have a minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments
  • In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications
  • Proficiency in advanced penetration testing tools and techniques, such as Burp, ZAP, Metasploit, Cobalt Strike, and PowerSploit
  • Experience with container technologies (Docker, Kubernetes) and serverless architectures
  • Strong scripting skills (Python, PowerShell) for automation and custom tool development
  • Experience with security orchestration, automation, and response (SOAR) platforms
  • Active security certifications such as OSCP, CSSLP or related is strongly desired
  • Ability to work well under minimal supervision
  • Requires strong interpersonal, organizational, written and verbal communication skills
Job Responsibility
Job Responsibility
  • Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores
  • Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools
  • Assess the security posture of cloud-native applications, microservices, and serverless architectures
  • Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement
  • Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools
  • Assign tasks, review deliverables, and ensure project timelines are met
  • Develop and maintain standard operating procedures for complex penetration testing activities
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy