Pentester @ AVENGA

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
• Minimum of 4 years of hands-on experience in penetration testing or ethical hacking.
• Strong knowledge of penetration testing methodologies and tools (e.g., Burp Suite, Metasploit, Nmap, Wireshark, etc.).
• Expertise in testing web applications, network infrastructure, cloud services (AWS, Azure, GCP), and APIs.
• Proficient in scripting and programming languages such as Python, Bash, PowerShell, or similar.
• Relevant certifications like OSCP, OSCE, CEH, CISSP, or GIAC are highly desirable.
• Excellent problem-solving skills and attention to detail.
• Strong communication skills, with the ability to explain complex security issues to non-technical audiences.Experience with threat modeling and risk assessment frameworks.
• Knowledge of regulatory requirements such as PCI-DSS, HIPAA, GDPR.
• Familiarity with DevSecOps and secure SDLC practices.

We are seeking a professional pen tester, who will join the project from automotive industry. As a part of the team, you will be responsible for conducting advanced security assessments, simulating sophisticated attacks, and providing actionable insights to improve security posture. You will be also responsible for leading penetration testing engagements, mentoring junior team members and supervising junior pen testers on their assignments. Work on site, one day a week is mandatory for this role. 

,[Perform comprehensive penetration tests on web applications, networks, cloud environments, and infrastructure., Identify, exploit, and document security vulnerabilities and provide remediation guidance., Develop and execute advanced attack scenarios using manual and automated tools., Lead and manage penetration testing projects from scoping through reporting and follow-up., Collaborate with cross-functional teams to improve security controls and policies., Mentor and guide junior penetration testers, fostering a culture of continuous learning., Stay up-to-date with the latest security threats, vulnerabilities, and industry trends., Prepare detailed technical reports and present findings to both technical and non-technical stakeholders., ] Requirements: Python, Cloud, API, SDLC, Pentesting, OSCP, OSCE, CEH, CISSP, GIAC Additionally: Sport subscription, Private healthcare, International projects, Friendly atmosphere, Integration events, Multisport, Cafeteria system, Career growth, Free coffee, Bike parking, Free parking, Modern office, No dress code.

---