Penetration Tester – Europe

Job Description

About the Role

We are seeking a cybersecurity professional who thrives in uncovering weaknesses before attackers do. In this role, you will operate at the intersection of offensive security and defensive resilience—helping strengthen modern digital systems across web, mobile, and cloud environments.

You’ll be part of a global engineering ecosystem where security is not an afterthought, but a core foundation of innovation.

This role aligns with broader European cybersecurity priorities and regulatory standards such as those outlined by the European Commission’s digital security framework European Commission – Digital Strategy

 What You Will Do

• Perform in-depth penetration testing on web applications, mobile applications (Android/iOS), and connected systems
  Identify vulnerabilities such as injection flaws, authentication weaknesses, insecure APIs, and misconfigurations
  Validate security issues through safe exploitation and real-world attack simulation
  Produce clear, structured reports with technical detail, business risk context, and remediation guidance
  Track vulnerability fixes and verify security improvements over time
  Support incident response activities during active security events
  Stay updated with evolving attack techniques, threat intelligence, and defensive strategies
  Engage with ethical hacking and bug bounty ecosystems where applicable

EU-wide vulnerability reporting practices and security coordination standards are often guided by frameworks such as ENISA – European Union Agency for Cybersecurity

 What You Bring

• 3–5 years of experience in penetration testing or offensive security
  Strong knowledge of web vulnerabilities (SQLi, XSS, CSRF, file upload issues, etc.)
  Experience testing mobile applications and understanding platform-specific risks
  Familiarity with tools such as Burp Suite, Nmap, Metasploit, and similar frameworks
  Programming knowledge in Python or JavaScript is a plus
  Experience participating in bug bounty programs is highly valued
  Strong analytical mindset with attention to detail
  Ability to clearly explain technical risks to both technical and non-technical audiences
  Experience in cloud or large-scale distributed systems is an advantage
  Excellent communication skills (English required; additional languages are a plus)

EU cybersecurity research and best practices are often published via resources like EU Open Data Portal
and EUR-Lex EU Law Database, which help shape compliance and security standards.

 Why Join Us

• Be part of a global, collaborative cybersecurity team
  Work on real-world cloud security and incident response challenges
  Help shape security operations from the ground up
  Collaborate closely with engineering, operations, and leadership teams
  Operate in a fast-moving environment where your findings directly improve system resilience

The role also aligns with broader EU cybersecurity coordination efforts across member states, supported by institutions such as European Parliament – Cybersecurity Policy
and the wider EU digital ecosystem EU Official Portal
.