Strategic Staffing Solutions International's client is a leading global financial services company providing investment banking, Global Market and investment management services to a substantial and diversified client base that includes corporations, financial institutions, governments, and high-net-worth individuals. The company is headquartered in New York and maintains offices in London, Frankfurt, Tokyo, Bengaluru, Hong Kong and other major financial centers around the world.
As a Penetration Tester in the global Penetration Testing Team, you will identify vulnerabilities in applications, infrastructure, and cloud environments. You will conduct security assessments—often as a solo tester—on newly developed or updated systems and engage with development teams to drive remediation and long-term improvements.
Key Responsibilities:
- Conduct manual and automated penetration tests on web applications, infrastructure, and cloud systems.
- Independently execute 1–2 week testing engagements, from scoping through to debrief.
- Perform detailed source code reviews to supplement dynamic testing and validate findings.
- Interact with application owners (developers, product teams) to scope assessments and deliver results.
- Analyze complex systems, identify security flaws, and escalate issues requiring remediation.
- Collaborate with teams to recommend mitigations and systemic security improvements.
- Share insights and expertise with internal security and engineering teams.
- Contribute to a strong internal testing community by mentoring others and developing shared resources.
Skills & Experience Required:
- Proven experience in application-level and infrastructure penetration testing.
- Strong understanding of web security fundamentals (e.g., OWASP Top 10, authentication flaws, injection issues).
- Ability to build exploit chains and articulate the business impact of vulnerabilities.
- Proficiency in one or more programming languages (e.g., Java, JavaScript, Python, C++, C#).
- Experience with both dynamic and static analysis, including reverse engineering and fuzzing.
- Familiarity with key tools: Burp Suite, Wireshark, netcat, Ghidra, etc.
- Sound knowledge of the TCP/IP stack and major network protocols.
- Ability to produce clear, actionable reports and communicate technical concepts to diverse stakeholders.
Preferred Qualifications:
- Experience developing or customizing proof-of-concept exploits.
- Understanding of modern cloud platforms (e.g., AWS, GCP, Azure) and cloud security concepts.
- Bachelor’s degree in Computer Science, Cybersecurity, or related technical field.
- Relevant certifications such as OSCP, OSEP, OSWP, or equivalent experience.
- Background in related disciplines: cloud security, network/device administration, or secure software development.
We offer:
- Competitive Salary – Gross salary up to 24,200 PLN / B2B 200 PLN/hour based on experience.
- International Environment – Work with a professional team in a dynamic, global setting.
- Growth & Development – Access to top-tier training and career advancement opportunities.
- Premium Workspace – High-end office in the heart of Warsaw.
- Onsite Work Model – Collaborate closely with your team in a stimulating office environment.
- Flexible Contract – 1-year contract.