Senior Penetration Tester
nr ref: 183/3/2026/PK/94841
W Antal zajmujemy się rekrutacją od ponad 20 lat. Dzięki działaniu w 10 wyspecjalizowanych dywizjach, świetnie orientujemy się w aktualnych trendach branżowych. Precyzyjnie określamy specyfikę stanowiska, klasyfikując kluczowe umiejętności i niezbędne kwalifikacje. Naszą misją jest nie tylko znalezienie kandydata, którego kompetencje wpisują się w wymagania danego ogłoszenia, ale przede wszystkim stanowiska, spełniającego oczekiwania kandydata. Numer rejestru agencji zatrudnienia: 496.
Senior Penetration Tester
Business Area: Cybersecurity Research & Offensive Security
Work Model: Hybrid – 6 days per month from the office in Kraków (preferred) or Warsaw
Contract Type: B2B
Role Overview
We are looking for an experienced Senior Penetration Tester to join a global Cybersecurity team. In this role, you will lead and execute advanced security assessments across web, mobile, infrastructure, and API environments, ensuring high-quality delivery and clear risk articulation to both technical and non-technical stakeholders.
You will act as a subject matter expert (SME), driving penetration testing initiatives, mentoring junior team members, and contributing to the continuous improvement of cybersecurity standards, processes, and tooling.
Key Responsibilities
-
Lead and deliver end-to-end penetration tests across:
-
Mobile applications (iOS & Android)
-
Web applications and APIs
-
Infrastructure and network environments
-
-
Perform manual penetration testing, source code reviews, and configuration assessments
-
Clearly document findings, including root cause analysis and business risk impact
-
Design and demonstrate proof-of-concept exploits when required
-
Collaborate with DevOps and engineering teams to:
-
Support remediation efforts
-
Improve secure development practices
-
Automate repetitive security testing tasks
-
-
Assess product release risk and identify potential misuse scenarios
-
Track remediation activities and support risk acceptance processes
-
Support incident response activities when required
-
Evaluate new security testing technologies and recommend improvements
-
Monitor security industry developments and emerging threats
-
Contribute to process enhancements and quality improvements
-
Mentor junior team members and support knowledge sharing
Required Experience & Skills
Must-have:
-
Minimum 3 years of hands-on penetration testing experience
-
Strong web and mobile application testing expertise
-
Solid knowledge of iOS and Android security models
-
Practical experience with manual and automated security testing
-
Strong understanding of TCP/IP and networking security
-
Experience with SAST, DAST, IAST tools
-
Strong programming/scripting skills
-
Ability to explain complex security issues clearly to technical and non-technical audiences
-
Excellent English communication skills (written & spoken)
-
Ability to work independently or lead penetration testing teams
Technical Knowledge:
-
Web technologies: HTML, XML, JavaScript, JSON, REST, Microservices
-
Secure SDLC and DevOps environments
-
Cryptography fundamentals and secure implementation practices
-
Security mechanisms such as SSL/TLS, Certificate Pinning, OAuth2, JWT, SAML, RASP, biometric authentication
-
Mobile security standards such as OWASP MASVS & MSTG
Nice to have:
-
Code review experience (Java, Kotlin, Swift, Objective-C)
-
Experience with cloud-hosted applications
-
Reverse engineering or disassembly experience
-
Background in secure software development
Certifications are not required but considered a plus.
What We Offer
-
B2B contract
-
Hybrid work model (6 days/month in office – Kraków preferred or Warsaw)
-
Private medical care (LuxMed)
-
MyBenefit cafeteria platform
-
Dedicated support from Contractor Care team
