Senior Penetration Tester

Spyrosoft is an authentic, cutting-edge software engineering company, established in 2016. In 2021 and 2022, it was among the fastest growing technology companies in Europe, according to the Financial Times. Founded by a group of tech experts with established backgrounds in software engineering, it created an ‘engineer-to-engineer’ workplace. The company specializes in technology solutions for industry 4.0, automotive, geospatial, healthcare & life sciences, employee experience & education, and financial services industries.

• Minimum 5 years of hands-on experience in penetration testing
• Strong knowledge of web application security (e.g., OWASP Top 10, ASVS, OWASP Top 10 API)
• Experience in mobile application testing (Android/iOS)
• Solid understanding of infrastructure security (networks, systems, Active Directory, cloud)
• Proven ability to manually exploit vulnerabilities
• Familiarity with tools such as Burp Suite, Metasploit, Nmap, Nessus, MobSF, Frida or similar
• Ability to produce clear technical and executive-level reports
• Strong analytical skills and an “attacker mindset"

Nice to have:

• Industry certifications (e.g., OSCP, OSWE, OSEP or similar)
• Knowledge of cloud environments (Azure, AWS, GCP) from a security perspective
• Experience in secure code review or SSDLC

• Perform penetration tests of web applications, mobile applications, and infrastructure (internal and external)
• Identify, analyze, and report vulnerabilities along with remediation recommendations
• Develop realistic attack scenarios (manual and partially automated)
• Collaborate with development and DevOps teams to improve security posture
• Support threat modeling and security architecture reviews
• Contribute to the development of internal tools and testing standards
• Mentor junior and mid-level team members