Senior Penetration Tester

Summary

Join Dev.Pro, a US-based software development company, for a short-term, project-based penetration testing engagement. This on-demand role involves conducting a pentest for a fintech client, enhancing system and application security. You will perform in-depth vulnerability assessments, develop new tests based on emerging threats, and provide insights for long-term protection. The role offers remote work with a flexible schedule and the opportunity to enhance your manual testing expertise, particularly with API testing. You will collaborate with a supportive team and a client who values team input. This is a high-impact project allowing you to grow your cybersecurity skills within the payments industry.

Requirements

• 4+ years of hands-on experience in penetration testing (web apps, APIs, backend systems)
• Proficiency in JavaScript and Node.js for secure code review
• Experience testing vulnerabilities in NoSQL databases, especially MongoDB
• Familiarity with containerization and Kubernetes
• Expertise in testing application business logic
• Solid understanding of network, application, and system security
• Experience with various penetration methodologies, tools, and frameworks
• Ability to document and communicate technical issues effectively
• Upper-Intermediate English level
• Attention to detail, strong decision-making skills

Responsibilities

• Perform advanced penetration tests on web applications, APIs, and backend systems
• Conduct thorough vulnerability assessments, including testing for NoSQL database vulnerabilities
• Analyze and assess business logic in applications for security flaws
• Develop and run tests to evaluate emerging security threats and ensure comprehensive coverage
• Document, report, and provide clear insights on identified security issues
• Provide actionable recommendations to remediate vulnerabilities and improve overall security

Preferred Qualifications

• General understanding of the fintech domain, including common security challenges and industry regulations
• Certifications in penetration testing, offensive security, or ethical hacking

Benefits

• Enjoy remote work with a flexible schedule, balancing personal and professional commitments
• Work on a stable product with 7+ years in production, trusted by leading global brands
• Enhance your manual testing expertise with a focus on API testing
• Join a collaborative, supportive, and experienced team, working closely with a client who values team input