Penetration Tester – Europe

Job Description

An exciting opportunity is available for an experienced Penetration Tester to join a fast-paced international cybersecurity environment focused on strengthening digital infrastructure and cloud security operations across Europe.
This role is ideal for security professionals who enjoy uncovering vulnerabilities, improving application security, and working closely with engineering teams to build resilient systems against modern cyber threats.

About the Position

As a Penetration Tester, you will perform advanced security assessments on web applications, mobile platforms, cloud systems, and enterprise environments. You’ll play a key role in identifying security weaknesses, validating risks, and helping teams implement effective remediation strategies.
The position also involves contributing to incident response efforts and staying informed about emerging attack techniques, vulnerability trends, and defensive security practices.

Main Responsibilities

Security Assessments & Ethical Hacking

• Conduct penetration testing on web applications, APIs, cloud platforms, and mobile applications
• Simulate real-world attack scenarios to identify exploitable vulnerabilities
• Evaluate application security posture and recommend mitigation strategies
• Perform vulnerability validation and risk analysis

Reporting & Risk Documentation

• Prepare comprehensive technical reports outlining findings and remediation guidance
• Clearly communicate security risks to both technical and non-technical stakeholders
• Document exploitation methods and provide actionable security recommendations
• Track remediation progress and support follow-up assessments

Incident Response & Threat Analysis

• Assist with cybersecurity investigations and incident response activities
• Analyze evolving attack methods and emerging vulnerabilities
• Support internal security improvement initiatives and defense strategies
• Contribute to strengthening overall organizational security maturity

Security Research & Collaboration

• Stay current with bug bounty methodologies and ethical hacking techniques
• Work closely with engineering and operations teams to improve secure development practices
• Participate in cloud security reviews and infrastructure assessments
• Share technical insights and best practices across teams

Required Skills & Experience

• Technical Expertise
• 3–5 years of hands-on experience in penetration testing or information security

Strong understanding of common web vulnerabilities including:

• SQL Injection
• Cross-Site Scripting (XSS)
• Cross-Site Request Forgery (CSRF)
• File upload vulnerabilities
• Experience testing Android and iOS mobile applications
• Familiarity with cloud security principles and enterprise environments

Security Tools & Programming

Proficiency using tools such as:

• Burp Suite
• Nmap
• Metasploit
• Working knowledge of Python or JavaScript for scripting and automation
• Experience with vulnerability management and security assessments

Communication & Professional Skills

• Strong analytical thinking and attention to detail
• Excellent technical documentation and reporting abilities
• Ability to explain complex security findings clearly
• English and Chinese language proficiency (C1 preferred)

Preferred Qualifications

• Experience participating in bug bounty programs
• Background in cloud security operations or large-scale infrastructure environments
• Exposure to incident response or security operations workflows

Why Join This Team?

Build Real Security Impact

• Contribute directly to improving cloud security, application security, and incident response capabilities across modern digital infrastructure.

Collaborative International Environment

• Work alongside experienced cybersecurity professionals, engineers, and operational teams in a highly collaborative setting.

Continuous Technical Growth

• Gain exposure to modern attack techniques, enterprise cloud systems, and evolving cybersecurity technologies.

Meaningful Challenges

• Take ownership of security assessments and help shape long-term security maturity strategies within a rapidly growing environment.

Helpful EU & Government Cybersecurity Resources

• European Union Agency for Cybersecurity (ENISA)
• EU Cyber Resilience Act Information
• GDPR Official EU Portal
• European Cybersecurity Competence Centre (ECCC)
• CERT-EU Cybersecurity Resources