Application Penetration Tester

• Black-box and Grey Box penetration test applications
• Security testing including reverse engineering of Mobile applications (Android and iOS)
• Create innovative attacks tools/automations for project specific needs
• Communicate complex vulnerability results to technical and non-technical audience
• Perform research and contribute to open-source community on new attack methodology, vulnerability findings
• Scope penetration tests and contribute to penetration test project management

• Minimum 5 years of combined experience in penetration testing and security engineering roles
• Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
• Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
• Attacker mindset for breaking the websites with practical knowledge of OWASP
• Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
• Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
• In depth experience with common automated VAPT tools such as Nessus, Burp Suite
• Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
• Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
• Fluent English (both verbal and written)
• Ability to work independently and as part of a cross-functional team
• Strong analytical and problem-solving capabilities
• Structured and systematic approach to projects

Proficiency in German language is a plus

• Competitive salary + annual bonus
• Hybrid work with flexible working hours
• Referral Bonus Program
• Copyright costs for IT employees
• Private medical care and life insurance
• Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
• Prepaid Lunch Card
• Number of benefits for families (for instance summer camps for kids)
• Non-working day on the 31st of December