We are seeking a skilled and driven Web Application Penetration Tester with a strong foundation in web security and a passion for uncovering vulnerabilities in complex systems.

In this role, you’ll work closely with engineering and security teams to assess the security posture of applications and infrastructure, providing insights that directly influence product security and resilience.

Requirements:

Proven experience in penetration testing, with a focus on web application security. Certifications such as OSWE, OSCP, or similar (highly desirable). Ability to analyze source code (e.g., JavaScript, Python, Java, etc.) as part of security assessments. Understanding of modern web architectures, authentication flows, session handling, and common vulnerability classes (e.g., OWASP Top 10). Exposure to Linux server environments and comfort with command-line tools and scripting. Clear, concise communication skills for writing reports and collaborating with technical teams.

Nice to have:

Experience in bug bounty programs, DAST/SAST, or managing vulnerability scanning tools - especially where this has enriched your pentesting skills. Familiarity with infrastructure penetration testing techniques and tooling. Experience with mobile app testing or red teaming (not essential, but welcome).

Responsibilities:

Perform in-depth web application penetration tests, focusing on business logic flaws, authentication bypasses, and full exploit chains. Conduct source code reviews during assessments to uncover subtle vulnerabilities not detectable through black-box testing alone. When required, extend assessments to include Linux infrastructure and system-level security, especially in blended attack surfaces. Collaborate with engineering and DevSecOps teams to report and remediate vulnerabilities in a clear, actionable way. Document findings in thorough, professional reports that balance technical accuracy with clarity for non-security stakeholders. Participate in knowledge-sharing and continuous improvement of internal testing methodologies.

We offer:

Friendly, professional staff and a warm atmosphere. The environment where you can implement your ideas. Paid vacations and sick leaves. Medical insurance. Participation in educational activities and thematic conferences. Team parties and corporate events.