Penetration Tester

İş Təsviri

Innovation and Digital Development Agency

We are hiring a Penetration Tester who will lead offensive security assessments across web applications, mobile apps, APIs , and network infrastructure . The ideal candidate is a technical expert who can dig deep into application logic, bypass advanced protections, and also pivot through networks like a seasoned red teamer.

Perform manual assessments beyond automated scanners, focusing on business logic flaws;
Perform authenticated and unauthenticated black/gray-box full testing , simulating real attacker behavior;
Identify, exploit, and document security vulnerabilities with clear risk assessments and remediation guidance;
Perform manual/automated secure code review and threat modeling;
Participate in red team exercises and threat simulations when needed;
Collaborate with DevOps, DevSecOps, Product, and Security teams to prioritize and fix findings.
Requirements

2+ years of experience as a Penetration Tester;
High proficiency in manual techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile applications, and other information systems);
Experience with secure source code review / static analysis (manual and/or automated);
Familiarity with CI/CD security , integrating tools or custom scripts into pipelines for automated security testing;
Strong skills in various operating systems, including Windows, Linux/Unix, Mac OS, iOS, and Android;
Understanding of web/mobile application architecture;
Scripting and programming skills;
Certifications such as OSCP, OSWE, OSEP, eWPT, eWPTX, eMAPT, eCPPT, eCPTX, CRTO, and CRTL are highly desired.
About the vacancy

Vacancy type – Full-time
Experience – 1-2 years
Education – Bachelor’s degree