We are looking for an experienced Security Testing Engineer to join our cybersecurity team and help strengthen the security of modern digital systems. In this role, you will conduct security testing, identify vulnerabilities, and provide actionable recommendations to improve the security of web, mobile, and desktop applications.
office remoteEuropean UnionUkraine
Requirements
- 3–5 years of experience in security testing and penetration testing
- Required Certification (one of the following): CREST Practitioner Security Analyst (CPSA), CREST Registered Penetration Tester (CRT), CREST Certified Tester (CCT), Offensive Security Certified Professional (OSCP)
- Experience testing web, mobile, and desktop applications
- Strong understanding of application security and common vulnerabilities (OWASP Top 10)
- Ability to produce clear, structured security documentation and reports
- Strong analytical and problem-solving skills
- English skills should be sufficient for taking part in conversations on the technical aspects of projects
Nice to have
- Experience in automating security testing processes (SAST, DAST, SCA) within CI/CD pipelines
- Hands-on experience with scripting for automation (Python, Bash, PowerShell)
- Experience integrating security tools into DevSecOps workflows
- Ability to develop custom scripts/tools for vulnerability scanning and exploitation
- Experience with test automation frameworks and orchestration tools (e.g., Jenkins, GitLab CI, GitHub Actions)
- Experience leveraging AI/ML tools to enhance security testing and vulnerability detection
- Familiarity with AI-assisted code analysis and pentesting tools (e.g., LLM-based assistants, AI fuzzing tools
- Ability to use AI tools for automation of reporting, vulnerability triage, and threat analysis
- Understanding of AI security risks (prompt injection, model abuse, LLM vulnerabilities) is a plus
Responsibilities
- Conduct penetration testing and vulnerability assessments for web, mobile, and desktop applications
- Identify security vulnerabilities and provide clear remediation recommendations
- Develop and maintain security testing strategies and methodologies
- Prepare technical documentation and security reports for stakeholders
- Collaborate with engineering and development teams to address security issues and improve system resilience
We offer
- Projects for such clients as PayPal, Wargaming, Xerox, Philips, Adidas and Toyota;
- Competitive compensation that depends on your qualification and skills
- Career development system with clear skill qualifications
- Versátil working hours aligned to your schedule
- Options to work remotely
- Corporate medical insurance covering services of private and public medical centers
- English courses online
- Corporate parties and events for employees and their children
- Internal conferences, workshops and meetups for learning and experience sharing
- Gym membership compensation
- 5 days of paid sick leave per year with no obligation to submit a sick-leave certificate
Any questions?
Naira
hh@itransition.com