Senior Penetration Tester

Senior Penetration Tester

What You’ll Do

You’ll be on the front lines of our security efforts, thinking like an attacker to help us stay one step ahead. As a Senior Offensive Security Engineer, you’ll break things (responsibly), uncover weaknesses, and help us build stronger, more resilient systems.

This is a hands-on role where you’ll move fast, experiment, and have real impact. You’ll work closely with engineers, product teams, and security to turn findings into fixes — not just reports.

Day to day, you’ll:

• Hack our own systems to find and fix vulnerabilities before others do
• Run white-box and black-box pentests across apps, infrastructure, and APIs
• Triage bug bounty reports and dig into external findings
• Go beyond surface issues with root cause and variant analysis
• Tear apart third-party tools and integrations to understand their risk
• Build scrappy (and scalable) tools for recon, automation, and insights
• Partner with engineers and the SOC to solve real security problems
• Share knowledge through demos, workshops, and hands-on sessions
• Help us decide where to focus to get the biggest security wins
• Shape and evolve our security programme as we grow

Who You Are

You’re curious, pragmatic, and love breaking things to make them better. You don’t just find problems — you help fix them.

• Have solid experience in penetration testing and offensive security
• Can spot vulnerabilities in code (especially Java and Node.js)
• Understand modern architectures — AWS, microservices, APIs
• Communicate clearly and give practical, actionable remediation advice
• Comfortable scripting and contributing to larger projects in Python
• Take ownership and don’t wait to be told what to do

Nice to have:

• Certs like OSCP, OSWE, CREST, GIAC, AWS (or equivalent experience)
• CTFs, bug bounty hunting, or involvement in the security community