Просмотр вакансии

We are looking for a Middle Pentester / Application Security Engineer to focus on regular vulnerability scanning and penetration testing. You will be responsible for identifying and exploiting vulnerabilities, configuring and running scanners (SAST, DAST, SCA, Container/IaC Security), integrating security checks into CI/CD pipelines, and preparing detailed reports with PoCs.

Обязанности:

• Penetration testing of web and API applications

• Manual testing and vulnerability exploitation

• Automated vulnerability scanning and CI/CD integration

• Preparing reports with PoCs and remediation recommendations

• Supporting AppSec processes and developer training

• 3+ years of experience in Pentesting / Application Security

• Strong knowledge of OWASP Top 10 and API Top 10

• Hands-on experience with Burp Suite, OWASP ZAP, Nessus, Acunetix

• Experience with SAST, SCA, and CI/CD integration

• Coding skills in PHP, JS/TS, Java, or Go

• Understanding of REST, OAuth2, JWT

• Nice to have: mobile application pentesting, bug bounty/CTF participation, exploit development, Kubernetes

• Official employment and support for a work visa
• Opportunities for professional growth
• Friendly work environment
• Flexible start to the workday