Web Penetration Tester

TL;DR

Web Penetration Tester: Conduct comprehensive penetration tests on web applications, APIs, and portals with an accent on identifying and exploiting security vulnerabilities. Focus on manual and automated testing, analyzing application logic, and collaborating with development and DevSecOps teams to ensure secure software.

Location: Yerevan

Company

hirify.global is a product company focused on software development in the gaming industry.

What you will do

• Conduct penetration tests on web applications, APIs, and portals to identify security vulnerabilities.
• Perform manual and automated testing for injection flaws, authentication bypass, and misconfigurations.
• Analyze application logic to uncover business logic vulnerabilities beyond automated scans.
• Collaborate with development and DevSecOps teams to verify vulnerabilities and guide remediation.
• Produce detailed vulnerability assessment and penetration test reports for technical and non-technical audiences.
• Contribute to threat modeling and secure development practices during design and testing phases.

Requirements

• 3–5 years of experience in web application security testing or ethical hacking
• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field
• Industry certifications such as OSWE, OSCP, or CEH are a strong advantage.
• Strong knowledge of web application architecture, HTTP/HTTPS, authentication, and secure coding.
• Hands-on experience with penetration testing tools like Burp Suite, OWASP ZAP, SQLMap, Nmap.
• Experience testing modern web frameworks and RESTful/GraphQL APIs.
• Ability to read and analyze code/scripts in JavaScript, Python, PHP is a plus.
• Excellent report writing and communication skills