Senior Penetration Tester (Cybersecurity)

TL;DR

Senior Penetration Tester (Cybersecurity): Conducting white-box and black-box penetration tests across applications, infrastructure, and APIs with an accent on identifying vulnerabilities and root cause analysis. Focus on building automation tools for reconnaissance and partnering with engineering teams to implement scalable security fixes.

Location: Hybrid, London Area, United Kingdom

Company

hirify.global is a specialized recruitment firm focused on connecting top security talent with leading organizations.

What you will do

• Execute white-box and black-box penetration tests across applications, infrastructure, and APIs.
• Triage bug bounty reports and perform deep-dive root cause and variant analysis.
• Develop scalable tools for reconnaissance, automation, and security insights.
• Collaborate closely with engineers and the SOC to transform vulnerabilities into actionable fixes.
• Share expertise through technical demos, workshops, and hands-on knowledge-sharing sessions.
• Help shape and evolve the security program as the organization grows.

Requirements

• Solid professional experience in penetration testing and offensive security.
• Ability to identify vulnerabilities within code, particularly in Java and Node.js.
• Deep understanding of modern architectures, including AWS, microservices, and APIs.
• Proficiency in Python for scripting and contributing to larger security projects.
• Ability to communicate complex findings and provide practical remediation advice.

Nice to have

• Industry certifications such as OSCP, OSWE, CREST, GIAC, or AWS security certifications.
• Active involvement in the security community, CTFs, or bug bounty hunting.