British Red Cross Ukraine Crisis Appeal

£3750+ donated already with continuing regular donations.

Ukraine Crisis

Apply for this Job

UploadChoose a CV

To find out about how we process your data, please read our privacy policy.

Send

  • LocationRemote
  • SalaryCompetitive rates
  • Job TypeContract
  • ReferenceKAR001
  • Date posted11-Jul-24

Role- Senior Penetration Tester

 

Our client is one of the largest Financial Institutions and Financial Services organizations in the world, with operations in 64 countries and territories.

 

Using technology to transform the world’s leading financial institution, this is a job for the boldest problem solvers in the tech industry.

 

Employment Type-B2B

 

About the position:

 

We are looking for experienced penetration testers to join our global team in Poland, which currently consists of 6 members, as part of a larger international program. The ideal candidates should have a certification (OSCP preferred) and proven expertise in testing web applications, their infrastructure, and APIs. While not mandatory, experience in mobile testing would be an advantage. The team works closely with other global teams such as security research, cross-assurance, and the red team, emphasizing the need for strong collaborative skills in an international environment.

 

Key Responsibilities:

 

  • Deliver penetration tests across various technologies.
  • Work with virtual teams of security and technical specialists to deliver top-notch security solutions.
  • Conduct penetration tests to identify and communicate business risks clearly.
  • Ensure the Bank operates within its defined risk appetite through effective penetration tests and deliverables.
  • Act as a technical SME for the Cybersecurity function in both internal and external discussions.
  • Enhance the maturity of the Cybersecurity function by improving service quality and removing inefficiencies.
  • Adhere to the three lines of defense model, ensuring clear responsibility, accountability, and segregation of duties.
  • Ensure compliance with internal audits and external regulations, meeting organizational change expectations.
  • Collaborate with stakeholders to deliver a Cybersecurity strategy that protects the bank’s technology and enhances clients' values, reputation, and stakeholder value.
  • Supervise, guide, and mentor less experienced team members.

 

Ideal Candidate Requirements:

 

  • At least 5 years of hands-on experience in penetration testing.
  • Ability to test web applications, infrastructure, and APIs.
  • Solid understanding of iOS and Android platform security models.
  • Excellent understanding of mobile application security risks and common vulnerabilities.
  • Practical knowledge of penetration testing for infrastructure, web, and mobile technologies using both manual and automated methods.
  • Excellent TCP/IP knowledge and understanding of security issues.
  • Strong web application testing experience.
  • Proven programming/scripting skills.
  • Ability to explain security functionality from first principles.
  • Ability to adapt information to new scenarios and technologies.
  • Strong understanding of cryptography in application development.

 

Optional/Nice to Have:

 

  • Strong grasp of common mobile application technologies, protocols, and architectures (HTML, XML, JavaScript, JSON, REST, Micro-services).
  • Understanding of software development lifecycles, especially DevOps.
  • Experience with dynamic and static application security testing tools.
  • Experience in security code reviews for Java, Objective C, Swift, and Kotlin.
  • Strong initiative and ability to collaborate with various clients (business, development, compliance).
  • Experience with mobile security testing frameworks (OWASP MASVS, OWASP MSTG).
  • Knowledge of enterprise application design and common security issues.
  • Advanced knowledge of security analysis tools and techniques for mobile security.
  • Hands-on experience with SAST, DAST, IAST tools.
  • Knowledge of security mechanisms and technologies (SSL, Pinning, Biometric Authentication, Out of Band Authentication, JWT, SAML, RASP, Oauth2).
  • Prior software programming and development experience for iOS and Android platforms.
  • Programming experience with Java, Kotlin, Objective C, and Swift.
  • Experience with security testing or secure application development for large enterprises.
  • Experience with cloud-hosted applications and services.
  • Experience in reverse engineering or disassembly.

 

The way we work:

  • Stable, long-term projects
  • Full-time employment B2B
  • Flexible working hours & home office
  • Tech communities and cultural communities
  • Mentoring programs

 

Benefits:

  • Private medical care and life insurance
  • Access to Multisport card
  • Highly skilled tech team who is always ready to help, collaborate, and share knowledge
  • Clear career engineering path and the possibility to rotate between projects and teams (for a longer time)

 

Have we sparked your interest?

Get in touch! We are looking forward to speaking to you

Similar Jobs.

Apply for this Job

Customer Reviews

Net Promoter Score

\10

Cyrus

NetPromoter Score

10/10

10 out of 10. Danielle has been a pleasure to work with thus far, excellent communication, and very helpful in scheduling time with distributed team members.

Dominik

NetPromoter Score

10/10

Unfortunately, position I applied has been filled out before my interview with client. However, I would definietely recomend (10) Vertex to others.

Julius

NetPromoter Score

8/10

- Felt professionally represented for roles we pursued - Relevant opportunities presented in light of discussions we had and my expectations

Let's Work Together

I’m looking for a job a candidate or would like to work at Vertex