Senior Penetration Tester

About the Role

Are you an offensive security expert who loves breaking complex cloud architectures, real-money payment pipelines, and modern microservices? We are seeking a Senior Penetration Tester to spearhead end-to-end testing, lead red-team operations, and serve as a trusted offensive advisor to our high-scale engineering teams. This is a fully office-based position designed for a sharp, collaborative breaker who thrives in a face-to-face, fast-paced tech environment.

📍 Work Location Note: This is a 100% office-based role. Remote or hybrid working arrangements are not available for this position.

About the Client

Our partner is a tech company building product engineering across Fintech, iGaming, and Marketing. They turn innovative ideas into high-performing engines and launch them at scale. As their exclusive recruitment partner, we manage their full-cycle talent acquisition.

What You Will Do

• Lead end-to-end penetration testing engagements across web applications, APIs, mobile apps, internal/external networks, and AWS cloud environments.

• Execute sophisticated red-team and assumed-breach operations—simulating initial access, privilege escalation, lateral movement, and data exfiltration against complex fraud and detection stacks.

• Conduct deep-dive security reviews of cloud-native services, Kubernetes workloads, microservices, and automated CI/CD pipelines.

• Identify and exploit vulnerabilities within critical real-money flows, including payments, deposits, digital wallets, KYC/AML mechanisms, and bonus systems.

• Partner with cross-functional product, AppSec, engineering, and fraud teams to translate your findings into concrete fixes and durable defensive controls.

• Develop custom testing methodologies, automated scripts, and tailored tooling when out-of-the-box solutions fall short.

• Mentor and guide mid and junior testers, reviewing their engagement plans, methodologies, and final assessment reports.

• Track and analyze emerging CVEs, TTPs, and MITRE ATT&CK framework updates, rapidly converting threat intelligence into internal security upgrades.

• Support pre-sales scoping, effort estimation, and compliance pre-certification for entry into new global markets and jurisdictions.

What You Bring

• Experience: 4+ years of hands-on penetration testing or offensive security experience, with a proven track record across web/API, networks, cloud (AWS), or mobile (iOS/Android).

• Core Certification: OSCP or an equivalent practical, hands-on offensive certification.

• Technical Arsenal: Strong working knowledge of SAST/SCA/DAST tooling, MITRE ATT&CK, OWASP ASVS/WSTG, PTES, and the MVC data-flow model.

• Cloud & Infrastructure Pentesting: Proven experience auditing cloud-native architectures, Kubernetes environments, CI/CD pipelines (GitLab, GitHub Actions, Jenkins), IaC (Terraform, Helm), and cloud IAM configurations.

• Scripting Skills: Proficient in scripting with Python and Bash to build custom automation and proof-of-concept exploits.

• Mindset & Compliance: Solid understanding of supply chain attacks, exceptional technical reporting skills, and familiarity with compliance frameworks (PCI DSS, ISO 27001, NIST, GDPR).

• Awesome Add-ons (Preferred): Advanced certs (OSWE, OSEP, CRTO, BSCP), prior experience in Fintech/iGaming payments, public CVEs/conference talks, or a strong track record in Hack The Box (Pro Labs) and live CTFs.

What's in It for You

• Career Growth: Limitless opportunities to advance your skills within an international, highly dynamic tech ecosystem.

• Comprehensive Health: Full medical insurance for you and your partner, plus a dedicated sports package to support a healthy, active lifestyle.

• Work-Life Balance: 20 working days of paid annual vacation alongside 6 fully paid sick days.

• Continuous Learning: Partial financial compensation for language courses to help you continuously level up.

• Milestone Celebrations: Special company gifts to celebrate your major life events (birthdays, weddings, and newborns).

• Premium Workspace: A modern, top-tier office facility in a prime location, completely stocked with daily snacks and refreshments.

• Vibrant Culture: Unforgettable team-building activities, local corporate events, and exclusive international company parties.