Oferta pracy Senior Cybersecurity Consultant - Pentester, Gdańsk

About the Role

As a Senior Cybersecurity Consultant – Pentester, you’ll play a key role in delivering advanced offensive security services to our global clients. You’ll conduct penetration testing, red team exercises, social engineering campaigns, code reviews, and more. Working alongside top security experts in a multinational environment, you will assess real-world risks and help organizations strengthen their overall security posture.

This is an opportunity for a mature, self-driven security professional to contribute to high-impact engagements and continuously evolve their skillset in a fast-moving cyber landscape.

Key Responsibilities

• Lead and execute complex Attack & Penetration Testing engagements across various systems (web, mobile, cloud, infrastructure)
• Perform Red Team and Purple Team assessments using frameworks like MITRE ATT&CK
• Conduct application code reviews, security architecture assessments, and threat modeling
• Participate in social engineering simulations, including phishing and physical intrusion scenarios
• Provide clear, actionable remediation guidance to clients based on findings
• Translate complex technical issues into business risks understandable by non-technical stakeholders
• Collaborate with internal teams on capability building and knowledge sharing
• Maintain detailed documentation of findings, methodology, and recommendations

Qualifications & Requirements

• 3+ years of experience in penetration testing, security consulting, or IT security roles
• Deep understanding of network protocols, operating systems, and enterprise IT architecture
• Expertise in web application internals (frontend and backend)
• Familiarity with industry frameworks and standards (OWASP ASVS, MITRE ATT&CK, etc.)
• Experience with cloud security testing (AWS, Azure, GCP)
• Strong grasp of Red Team methodologies, OSINT, and social engineering techniques
• Knowledge of vulnerability mitigation techniques and secure coding practices
• Effective communication skills with the ability to present technical findings to both technical and non-technical stakeholders
• Highly autonomous, analytical, and detail-oriented
• Proficiency in English (spoken and written); additional language is a plus
• Relevant certifications such as OSCP, OSWE, GPEN, or similar

Nice to Have

• Participation in Bug Bounty programs or public Responsible Disclosures
• Granted CVEs or public security research
• Programming experience in Python, C++, C#, or Java
• Familiarity with tools such as Burp Suite, Metasploit, Cobalt Strike, or custom exploit development