Назад
Company hidden
2 дня назад

Red Team PenTester

Формат работы
hybrid
Тип работы
fulltime
Грейд
middle/senior
Английский
b2
Страна
Romania
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Red Team PenTester (Cybersecurity): Assessing the security posture of web applications, networks, and cloud infrastructures through realistic attack simulations with an accent on manual exploitation and adversary-style attack chains. Focus on identifying vulnerabilities, executing lateral movement, and providing actionable risk-based guidance to engineering teams.

Location: Must be based in Bucharest, Romania (with valid visa/work permit)

Company

hirify.global is a global leader in secure connectivity and processing solutions for embedded applications, dedicated to making products and environments safer and more sustainable.

What you will do

  • Perform comprehensive penetration tests on web applications, APIs, and internal network infrastructures.
  • Execute adversary-style attack chains including lateral movement and privilege escalation.
  • Assess cloud environments (AWS, Azure, GCP) for configuration and architectural weaknesses.
  • Conduct manual security testing beyond automated scanning tools.
  • Produce high-quality reports detailing technical findings and business impact.
  • Present remediation guidance to both technical and non-technical stakeholders.

Requirements

  • 3+ years of hands-on penetration testing or offensive security experience.
  • Must have a valid visa and work permit to work in Romania.
  • Strong understanding of OWASP Top 10, API security, and Active Directory exploitation.
  • Proficiency in Linux/Windows environments and scripting with Bash, PowerShell, or Python.
  • Experience with core offensive tools like Burp Suite, Metasploit, and Impacket.
  • Excellent communication skills for explaining security risks to diverse audiences.

Nice to have

  • Certifications such as OSCP, PNPT, CRTO, or OSWE.
  • Experience with cloud penetration testing and source code review.
  • Knowledge of EDR/AV evasion techniques in lab settings.
  • Threat modeling and attack path analysis skills.

Culture & Benefits

  • Permanent full-time contract with competitive salary and bonus plan.
  • Flexible work hours and a work-from-home policy.
  • 25 vacation days and employee share purchase program with 15% discount.
  • Access to online and offline learning opportunities for career development.
  • On-site amenities including cafeteria, relaxation areas, and library.
  • Social activities including team events, food fairs, and community giving initiatives.

Hiring process

  • Initial screening of CV and motivation letter.
  • Phone or video conversation with a Talent Acquisition Consultant.
  • Several business interviews with the team.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →