Application Security Tester (Penetration Tester)

Edge One Solutions Sp. z o.o. is part of the Euvic Group with over 5500 experts. The company supports individual skill development and adapts projects to employee competencies. The client is a public sector organization responsible for developing and maintaining modern digital solutions supporting administrative services, focusing on secure and accessible IT systems used by millions. The project involves a team combining software development, system architecture, cybersecurity, data analysis, and digital product management.

• Minimum 2–4 years of experience in IT security, especially in application and infrastructure security testing
• Knowledge of security standards and best practices, including OWASP
• Experience conducting penetration tests of web and mobile applications
• Ability to perform basic source code analysis to identify vulnerabilities (Java, Python, C++, JavaScript or related technologies)
• Experience assessing security of APIs (REST, SOAP, GraphQL) and mobile applications (Android/iOS)
• Practical knowledge of tools: Burp Suite, OWASP ZAP, Nessus, Metasploit, Checkmarx, SonarQube
• Ability to verify effectiveness of implemented security fixes
• Experience preparing security test reports with remediation recommendations
• Knowledge of tools for analyzing security configuration of operating systems
• Ability to collaborate with development, operations teams, and security architects
• Possession of at least one certification: eJPT, CEH, CompTIA PenTest+, OSCP
• Developed analytical, interpersonal, and communication skills
• English language proficiency enabling technical communication
• Experience working with JIRA and Confluence

• Conduct penetration tests of web applications and mobile application security tests
• Test security of backend systems, databases, and API interfaces
• Verify effectiveness of implemented security updates and patches
• Analyze source code and collaborate with development teams to identify vulnerabilities
• Participate in creating security documentation
• Collaborate with other organizational units and security teams
• Support production and maintenance processes in the security area
• Participate in change management and assess impact of changes on system security
• Report detected vulnerabilities with assessment of their impact on the organization