Senior Penetration Tester (freelance) (вакансія неактивна)

We are looking for an experienced Penetration Tester to strengthen our offensive security capability. The ideal candidate is a hands-on professional with deep technical skills and recognized industry certifications. You will lead security assessments, drive testing methodology, and contribute to the continuous improvement of our penetration testing practice.

Key Responsibilities

• Plan, scope, and execute penetration tests for web and mobile applications, APIs, cloud environments, and internal/external networks.
• Identify vulnerabilities, exploit them where appropriate, and develop clear remediation guidance.
• Prepare high-quality deliverables: executive summaries, technical reports, evidence, and retest validation.
• Develop and maintain testing methodology, internal tooling, scripts, and exploit PoCs.
• Communicate results effectively to both technical and non-technical stakeholders.
• Support knowledge sharing and mentor junior security engineers.

Required Qualifications

• 3+ years of hands-on penetration testing experience.
• Software-focused offensive security experience: ability to understand application architectures, programming frameworks, and CI/CD pipelines and assess their security.
• At least one advanced offensive security certification, such as OSEP, OSWE, OSCE/OSEE, GXPN, GREM, or CREST CCT. Alternatively: a combination of 3+ mid-level certifications such as OSCP, eWPTXv2, eCPTX, GPEN, CRT.
• Strong expertise in web application security (OWASP Top 10, business logic attacks, complex exploitation).
• Applied experience in mobile application security testing (Android/iOS).
• Cloud security assessment experience (IAM hardening, misconfiguration analysis, serverless/container review).
• Practical knowledge of network penetration testing techniques and common infrastructure weaknesses.
• Strong scripting/coding capabilities (Python, Bash, JS, or similar).
• Proficiency with common offensive security tools and frameworks.
• Professional English writing skills (B2+) — ability to deliver clear and structured reports.

Please note that feedback on the results of the CV review will be provided only in the event of a decision to consider your candidacy further.
Otherwise, your data will be retained in the company’s CV database, and we will gladly contact you if a suitable vacancy becomes available. The consideration period is 7 working days.

Before sending us your CV, you may read our Privacy Notice.