Requirements

Optional technologies

Java

Kotlin

Swift

Objective C

Operating system

Windows

Our requirements

• At least 4 years of hands-on experience in penetration testing
• Strong understanding of web, mobile, and infrastructure security testing
• Excellent communication skills in English, both written and verbal
• Proven programming or scripting experience in one or more languages
• Critical thinking skills and ability to articulate risks clearly
• Deep knowledge of TCP/IP and security implications of networking
• Familiarity with dynamic and static application security testing tools
• Understanding of software development lifecycles and DevOps environments
• Subject matter expertise in at least one pentesting domain
• Demonstrated ability to work independently and solve complex problems

Optional

• Previous participation in Bug Bounty Programs
• Experience with OWASP MASVS, MSTG, and mobile app security standards
• Security testing or development experience with iOS and Android platforms
• Knowledge of secure authentication mechanisms such as JWT, SAML, OAuth2
• Familiarity with security tools like SAST, DAST, and IAST
• Experience performing security code reviews in Java, Kotlin, Swift, or Objective C
• Background in enterprise cloud-hosted application testing
• Prior experience with mobile app reverse engineering or disassembly
• Practical knowledge of platform security models for iOS and Android
• Understanding of secure application design and cryptographic implementations

Your responsibilities

• Analyzing and prioritizing security vulnerability reports from the Bug Bounty Program
• Reproducing and validating reported vulnerabilities to confirm impact
• Performing root cause analysis to support effective remediation
• Communicating with internal technical and non-technical stakeholders
• Engaging with external security researchers on reported findings
• Advising teams on secure development practices and remediation strategies
• Collaborating across departments to track and monitor resolution of findings
• Driving improvements in tooling, automation, and workflow efficiency
• Supporting the maturity and scalability of the Bug Bounty Program
• Documenting and maintaining records of findings and actions taken