Security Tester Senior

Summary

Join our team as a Senior Security Tester in Prague! This remote position, working as an independent contractor, requires a strong understanding of agile software development and penetration testing. You will conduct penetration tests on web applications, APIs, and mobile apps, collaborating closely with development and security specialists. The role demands expertise in secure application development (OWASP), microservices architecture, and excellent communication skills. A long-term commitment is expected, with onsite presence required 4 times per month. The ideal candidate possesses relevant certifications (OSCP, GPEN, etc.) and advanced English proficiency.

Requirements

• Basic knowledge and understanding of agile approaches to software development
• Practical knowledge in the field of secure application development (especially OWASP)
• Independent execution of selected penetration tests – mainly application tests focused on web applications, APIs, mobile applications on iOS/Android platforms
• Knowledge of microservice architecture and authentication/authorization logic
• Good communication skills, willingness to communicate closely with the development team on a daily basis
• Ability to communicate the results of penetration tests to technical and business departments and experience in writing reports at both managerial (high-level) and technical levels
• Reliability, independence, responsibility, thoroughness, and good self-organizational skills
• Knowledge of English at least at an advanced or higher level (spoken and written expression)
• Required certifications in the field of security testing (at least one of the following): Offensive Security–OSCP, OSWE; SANS GIAC–GPEN, GWAPT, GMOB, GXPN; EC-Council–C|PENT, W|AHS (Licensed Penetration Tester Master); eLearnSecurity–eCPPT, eWPT, eMAPT,eWPTX or equivalent certification to the above

Responsibilities

• Realize penetration tests for selected changes – primarily application penetration tests focused on web applications, API interfaces, and mobile application tests on Android and iOS platforms
• Participate in the specification of penetration test assignments in cooperation with a Security Specialist
• Collaborate closely with the development team and the Security Specialist, who is responsible for the final specification and evaluation of penetration tests and the consideration of any findings in the overall risk assessment for the given asset

Benefits

• Remote work
• Flexible hours (50% or 100% allocation)