Description

We are looking for a Web Penetration Tester with experience in security assessment of web applications. You should be familiar with OWASP Top 10 and OWASP Testing Guide (WSTG) standards and capable of performing manual penetration tests and using automated tools. This position is suitable for individuals passionate about discovering vulnerabilities and helping improve web application security.

Responsibilities

• Perform manual and automated penetration tests on web applications
• Identify and analyze security vulnerabilities based on OWASP Top 10 and WSTG
• Prepare detailed and comprehensive security findings reports
• Provide practical remediation solutions for vulnerabilities
• Collaborate with development teams to implement security solutions
• Use penetration testing tools such as Burp Suite, OWASP ZAP, and SQLMap
• Evaluate the effectiveness of implemented security solutions

Requirements

• Minimum 3 years of experience in penetration testing and security assessment of web applications
• Strong knowledge of OWASP Top 10 and OWASP Testing Guide (WSTG) standards
• Experience with penetration testing tools: Burp Suite, OWASP ZAP, SQLMap, Nmap
• Familiarity with web vulnerabilities: SQL Injection, XSS, CSRF, SSRF, XXE
• Ability to write automated test scripts with Python or Bash
• Skills in code analysis and understanding web application architecture
• Ability to prepare technical reports and present to non-technical teams

Preferred (Optional)

• Security certifications: OSCP, CEH, GWAPT
• Experience in API penetration testing (REST and GraphQL)
• Familiarity with modern web frameworks: React, Vue, Angular
• Experience in security assessment of Single Page Applications (SPA)
• Skills in using SAST and DAST tools

Skills

Experience: 3-5 years