May 2, 2026

Pentester

Senior • Remote

Warsaw, Poland

Role Objective

The primary objectives of the role are to:

  • Identify security vulnerabilities in external and internal infrastructure/applications.

  • Validate the effectiveness of existing security controls.

  • Ensure compliance with DORA and PCI-DSS regulations.

  • Provide actionable remediation guidance.

Scope of Work

The Penetration Tester will be responsible for conducting comprehensive penetration tests across the following areas:

Asset Type Environment Notes

  • Web applications Staging/Prod Main customer portal, admin panels, complex business-oriented apps

  • Mobile applications Staging/Prod Android/iOS native apps, React Native

  • Cloud environment Production AWS/Azure/GCP, CIS benchmark

  • Thick client apps Production Desktop agents, use of API

  • External infra Production Firewalls, VPN gateways

  • Internal infra Production AD environment, database servers

  • APIs and microservices Staging/Prod REST API provided with Swagger

Testing Methodology

  • Manual vs Automated: Emphasis on manual exploitation. Automated scanning should not exceed 20% of effort.

  • Standards: Testing must adhere to OWASP Top 10 for web/mobile apps, PTES, or OSSTMM.

  • Credentials: For grey-box testing, accounts will be provided (e.g., admin, user, viewer) for privilege escalation testing.

Key Requirements

  • Proven experience in delivering high-quality pentest services to enterprise clients (at least 5 years of experience delivering pentests) and client references.

  • Team members with relevant certifications (e.g., OSCP, OSCE, OSWE, GPEN, GWAPT, CISSP).

  • High communication quality: clear verbal communication and reporting.

  • Ability to deliver detailed, structured, and actionable reports.

  • Use of industry-standard tools and methodologies.

Similar jobs you might like

Technology

DataArt

Penetration Tester

Mid

Remote

Wroclaw, Poland

12,000 - 15,000 PLN

🏢 Summary: The offer is for a Middle Penetration Tester responsible for conducting network and application-level security assessments using automated and manual techniques. The role involves identifying and validating vulnerabilities, preparing detailed reports, collaborating with clients, and contributing to internal security tools and processes. The position focuses on strengthening security posture through structured testing methodologies and technical research. 🗂️ Requirements: Minimum 1 year of experience in vulnerability assessments and penetration testing, Minimum 3 years of experience in IT industry, Experience with Linux, Windows, Active Directory, JavaScript, .NET, SQL, Experience applying structured penetration testing methodologies, Understanding of web application vulnerabilities, Ability to document vulnerabilities and remediation steps, Experience with Burp Suite, Nessus, Metasploit, Nmap, sqlmap, Knowledge of programming or scripting for security tools development 📃 Skills: Burp, Nessus, Metasploit, Nmap, sqlmap, Linux, Windows, ActiveDirectory, JavaScript, .NET, SQL, Scripting 🏢 Description: Project overview A security-focused initiative aimed at performing vulnerability assessments and penetration tests for a variety of digital systems. The project supports continuous improvement of security practices and contributes to the development of internal tools and methodologies. The work includes research activities, process enhancement, and collaboration with technical teams to strengthen the overall security posture. Team You will join a security-oriented team that consists of penetration testers, security analysts, and engineers. The team collaborates closely, shares knowledge, and supports research and internal tool development. Position overview We are looking for a Middle Penetration Tester who will be involved in network and application-level security assessments. You will use automated tools and manual techniques to identify and verify security vulnerabilities. This role includes preparing assessment reports, interacting with clients to clarify scope and gather information, and contributing to the improvement of security processes and tools. Technology stack Burp Suite, Nessus, Metasploit, Nmap, sqlmap, Linux, Windows, Active Directory, JavaScript, .NET, SQL, scripting languages Responsibilities Conduct network and application-level security assessments Use automated tools and manual techniques to identify and validate vulnerabilities Prepare clear and comprehensive assessment reports with root cause details and remediation steps Communicate with clients to gather information, clarify scope, and discuss security controls Support internal security competence development through research, tool creation, and process improvement Collaborate with other team members across security and engineering domains Requirements One year of experience performing vulnerability assessments and penetration tests Three years of experience in the IT industry with familiarity across technologies such as Linux, Windows, Active Directory, JavaScript, .NET, SQL Experience applying structured methodology for vulnerability assessments and penetration tests Understanding of web application vulnerabilities Ability to describe and report vulnerabilities along with typical remediation activities Experience with open source and commercial security tools, including Burp Suite, Nessus, Metasploit, Nmap, and sqlmap Knowledge of programming or scripting for creating auxiliary security tools Ability to work effectively with customers and self-manage in challenging situations Nice to have Security certifications, including OSCP, CRTO, CPTS, eWPT, BSCP Strong programming experience in a modern language Experience with mobile application penetration testing Experience with reverse engineering and binary analysis Experience publishing technical content or speaking at industry events Familiarity with security standards, including PCI DSS and ISO 27000

Technology

emagine Polska

Penetration Tester (m/w/d)

Senior

Remote

Berlin, BE, Germany

🏢 Summary: Experienced Penetration Tester responsible for planning, executing, and reporting comprehensive penetration tests across network, web, wireless, Active Directory, and physical environments for a public sector IT project. The role includes identifying vulnerabilities, performing realistic attack simulations, assessing compliance, and deriving concrete security improvements. Engagement is long-term and primarily remote within Germany. 🗂️ Requirements: Degree in ComputerScience or completed technical IT training, Minimum 3 years experience in ITSecurity, At least 2 years hands-on PenetrationTesting or RedTeam, Experience in minimum 2 large-scale projects over 250 users, Proven experience in WebApp Pentests Network Pentests or Cloud Pentests, Ability to develop own exploits or PoCs, Knowledge of compliance standards DSGVO BSI NIS, Fluent German language skills 📃 Skills: PenetrationTesting, RedTeam, NetworkSecurity, WLAN, WebSecurity, ActiveDirectory, Python, PowerShell, BurpSuite, Nmap, Metasploit, CobaltStrike, Nessus, OpenVAS, sqlmap, OSCP, GPEN, CEH, eJPT, CREST, CISSP, CISM, Jira, Confluence, SharePoint 🏢 Description: Für das Projekt wird ein erfahrener Penetration Tester (m/w/d) gesucht, der umfassende Penetration Tests plant, vorbereitet, durchführt und nachbereitet. Die Rolle umfasst sowohl technische Sicherheitsanalysen als auch die Ableitung konkreter Maßnahmen zur Erhöhung der IT-Sicherheit. Der Einsatz findet im Umfeld eines großen öffentlichen IT-Dienstleisters statt. Deine Aufgaben: Vor- und Nachbereitung sowie Durchführung abgestimmter Penetration Tests, u. a.: Network Penetration Testing WLAN Penetration Testing Web Application Penetration Testing Active Directory Penetration Testing Physical Penetration Testing Ermittlung bekannter und unbekannter Sicherheitslücken in IT-Systemen und Anwendungen Analyse der Sicherheitslage der IT-Infrastruktur sowie Prüfung der Compliance-Vorgaben (z. B. DSGVO, BSI-Grundschutz, NIS-Richtlinie) Durchführung realitätsnaher Angriffssimulationen zur Risikobewertung Ableitung von Maßnahmen zur Verbesserung der IT-Sicherheit und Präsentation der Ergebnisse Sicherstellung, dass alle Aktivitäten transparent, nachvollziehbar und rechtskonform erfolgen Dein Profil: Abgeschlossenes Informatik-Studium oder eine anerkannte technische Berufsausbildung (z. B. Fachinformatiker) Mindestens 3 Jahre praktische Erfahrung im Bereich IT-Sicherheit, davon mindestens 2 Jahre in Penetration Tests bzw. Red-Team-Übungen Beteiligung an mindestens 2 größeren Projekten (Unternehmen / Behörde mit >250 Mitarbeitenden), z. B. Web-App-Pentests, Netzwerk-Pentests, Cloud-Pentests Gute Deutschkenntnisse in Wort und Schrift Zuschlagskriterien: Umfangreiche Erfahrung in Pen-Tests / Red-Team Mehrere Referenzprojekte Zertifizierungen wie OSCP, GPEN, CEH, eJPT, CREST, CISSP/CISM Erfahrung mit Werkzeugen wie Burp Suite, Nmap, Metasploit, Cobalt Strike, Nessus/OpenVAS, sqlmap, etc. Fähig, eigene Exploits / PoCs zu entwickeln (Python, PowerShell) Erfahrung mit Jira, Confluence, SharePoint Andere Details: Zeitraum: Rahmenvereinbarung bis 2030 Arbeitsort: Remote/Deutschland Bei Interesse freue ich mich auf Deine Bewerbungsunterlagen , Verfügbarkeit und Stundensätze an tamara.petrovic.turkovic@emagine.de

Technology

emagine Polska

Penetration Tester (m/w/d)

Senior

Remote

Berlin, Germany

🏢 Summary: Experienced Penetration Tester responsible for planning, executing, and reporting comprehensive penetration tests across network, web, wireless, Active Directory, and physical environments. The role includes realistic attack simulations, compliance assessments, and deriving concrete security improvement measures within a large public IT environment. Engagement is long-term and primarily remote within Germany. 🗂️ Requirements: Completed degree in Computer Science or recognized technical IT training, Minimum 3 years experience in IT security, At least 2 years hands-on experience in penetration testing or red teaming, Experience in at least 2 large-scale projects (>250 users), Proven experience in web, network or cloud penetration testing, Ability to conduct independent security assessments and exploit development, Good German language skills (written and spoken) 📃 Skills: PenetrationTesting, RedTeaming, NetworkSecurity, WebSecurity, WLAN, ActiveDirectory, CloudSecurity, BurpSuite, Nmap, Metasploit, CobaltStrike, Nessus, OpenVAS, sqlmap, Python, PowerShell, Jira, Confluence, SharePoint, OSCP, GPEN, CEH, eJPT, CREST, CISSP, CISM 🏢 Description: Für das Projekt wird ein erfahrener Penetration Tester (m/w/d) gesucht, der umfassende Penetration Tests plant, vorbereitet, durchführt und nachbereitet. Die Rolle umfasst sowohl technische Sicherheitsanalysen als auch die Ableitung konkreter Maßnahmen zur Erhöhung der IT-Sicherheit. Der Einsatz findet im Umfeld eines großen öffentlichen IT-Dienstleisters statt. Deine Aufgaben: Vor- und Nachbereitung sowie Durchführung abgestimmter Penetration Tests, u. a.: Network Penetration Testing WLAN Penetration Testing Web Application Penetration Testing Active Directory Penetration Testing Physical Penetration Testing Ermittlung bekannter und unbekannter Sicherheitslücken in IT-Systemen und Anwendungen Analyse der Sicherheitslage der IT-Infrastruktur sowie Prüfung der Compliance-Vorgaben (z. B. DSGVO, BSI-Grundschutz, NIS-Richtlinie) Durchführung realitätsnaher Angriffssimulationen zur Risikobewertung Ableitung von Maßnahmen zur Verbesserung der IT-Sicherheit und Präsentation der Ergebnisse Sicherstellung, dass alle Aktivitäten transparent, nachvollziehbar und rechtskonform erfolgen Dein Profil: Abgeschlossenes Informatik-Studium oder eine anerkannte technische Berufsausbildung (z. B. Fachinformatiker) Mindestens 3 Jahre praktische Erfahrung im Bereich IT-Sicherheit, davon mindestens 2 Jahre in Penetration Tests bzw. Red-Team-Übungen Beteiligung an mindestens 2 größeren Projekten (Unternehmen / Behörde mit >250 Mitarbeitenden), z. B. Web-App-Pentests, Netzwerk-Pentests, Cloud-Pentests Gute Deutschkenntnisse in Wort und Schrift Zuschlagskriterien: Umfangreiche Erfahrung in Pen-Tests / Red-Team Mehrere Referenzprojekte Zertifizierungen wie OSCP, GPEN, CEH, eJPT, CREST, CISSP/CISM Erfahrung mit Werkzeugen wie Burp Suite, Nmap, Metasploit, Cobalt Strike, Nessus/OpenVAS, sqlmap, etc. Fähig, eigene Exploits / PoCs zu entwickeln (Python, PowerShell) Erfahrung mit Jira, Confluence, SharePoint Andere Details: Zeitraum: Rahmenvereinbarung bis 2030 Arbeitsort: Remote/Deutschland Bei Interesse freue ich mich auf Deine Bewerbungsunterlagen , Verfügbarkeit und Stundensätze an tamara.petrovic.turkovic@emagine.de

Technology

New offer

Link Group

Global Penetration Testing Manager

Senior

Hybrid

Kraków, Poland

🏢 Summary: Senior cybersecurity leadership role focused on managing global penetration testing operations within a banking environment, including governance, compliance, strategy, and stakeholder management. The position oversees regional execution, risk-based planning, vendor management, and executive reporting while ensuring regulatory alignment. Candidates are expected to combine deep penetration testing expertise with leadership experience in multinational organizations. 🗂️ Requirements: 8–10 years of experience in penetration testing service delivery or coordination, Experience managing technical service delivery and cross-border teams, Ability to present security topics to C-suite executives and regulatory bodies, Fluent English, Deep knowledge of penetration testing and cybersecurity, Experience with international process implementation, Experience with risk-based decision-making, Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience, At least one certification: OSCP, At least one certification: OSCE, At least one certification: CREST-CRT, At least one certification: CREST CCT, At least one certification: CISSP, At least one certification: CISM, At least one certification: GIAC GPEN 📃 Skills: Pentesting, Cybersecurity, OSCP, OSCE, CREST, CISSP, CISM, GIAC, GPEN, RedTeaming, PurpleTeaming, ThreatModeling, ExploitDevelopment, RiskAssessment, Compliance, KPIs, KRIs 🏢 Description: Global Service Lead – Pentest Coordination We are seeking a senior cybersecurity leader to take ownership of our global penetration testing operations. In this role, you will define the strategic direction, oversee regional execution, ensure regulatory compliance, and manage relationships with high-level stakeholders and C-suite executives across a global banking environment. Key Responsibilities Global Governance & Compliance: Safeguard the quality and compliance of global penetration testing services. Ensure all activities align with bank internal policies and global regulatory requirements, collaborating closely with regional leads in AMER, APAC, and EMEA. Team Leadership & Strategy: Directly manage the EMEA Pentest Coordination Team Lead. Provide strategic guidance to ensure flawless execution, technical review accuracy, and timely delivery across the EMEA region. Strategic Planning (Book of Work): Lead the creation, formalization, and stakeholder validation of the annual global pentest Book of Work. Risk-Based Prioritization: Align testing schedules and priorities with threat modeling and risk-based assessment methodologies. Vendor & Budget Management: Consolidate and oversee the global pentest budget, ensuring cost-effectiveness. Conduct regular performance reviews of both internal and external testing providers to drive continuous service improvement. Metrics, KPIs & Audit Readiness: Maintain data integrity within reporting platforms. Define and track KPIs/KRIs, deliver regular executive reporting, and support both internal and external regulatory audits. Requirements Leadership & Experience: 8–10 years of experience in a similar penetration testing service delivery or coordination role. Proven track record of managing technical service delivery and cross-border teams within large, multinational organizations . Strong executive presence with the ability to facilitate steering committees and confidently present complex security topics to C-suite executives and regulatory bodies . Exceptional cross-cultural collaboration and communication skills, with complete fluency in English . Technical Expertise & Qualifications: Deep domain knowledge in penetration testing and broader cybersecurity practices. Solid experience in international process implementation and data-driven, risk-based decision-making. Education: Bachelor’s degree in Computer Science, Cybersecurity, or equivalent practical experience. Certifications (Must hold at least one): OSCP, OSCE, CREST-CRT, CREST CCT, CISSP, CISM, or GIAC GPEN. Nice to Have Professional experience within the banking or financial services sector (ideally a global investment bank). Prior experience serving as an advisor to a CISO or participating in risk-steering committees. Hands-on technical background in Red Teaming / Purple Teaming , advanced threat modeling, or exploit development.

Technology

emagine Polska

Penetrationstester

Senior

On-site

Copenhagen, Denmark

🏢 Summary: Penetration tester role focused on conducting approximately 25 in-depth penetration tests of applications and networks within the public sector during 2026 (Q2–Q4). The assignment includes vulnerability analysis, retesting, and delivery of detailed technical reports in Danish. The consultant will test both legacy and modern technologies and present findings to stakeholders. 🗂️ Requirements: Proven experience with penetration testing in public sector environments, Strong knowledge of security research and vulnerability analysis, Experience performing application and network penetration tests, Ability to analyze complex systems and networks, Experience writing detailed technical security reports in Danish, Ability to communicate technical findings clearly, Experience with retesting and validation of vulnerabilities 📃 Skills: Penetrationtesting, Vulnerabilityanalysis, Securityresearch, Networksecurity, Applicationsecurity, OSCP, CEH, Scripting, Securityscanners, Reporting 🏢 Description: For en af vores kunder søger vi en dygtig Penetrationstester med erfaring inden for det statslige område til at udføre penetrationstests af diverse løsninger. 1.2 Beskrivelse af opgaven Formålet med gennemførelsen af pentests er at lave dybdegående afprøvning af sårbarheder, hvilke sammenholdes med de sårbarhedsscanninger, som kunden selv udfører løbende. Målet er at forsøge at bryde ind i en given applikation eller netværk, bl.a. gennem udnyttelsen af kendte sårbarheder og usikkert konfigurerede systemer. Der efterspørges en række pentests af applikationer, herunder flere højtprioriterede og gentests. Tests skal gennemføres i 2026 (Q2-Q4) efter en prioriteret rækkefølge aftalt mellem konsulenten og kunden. Opgavens omfang er i omegnen af 25 tests, og applikationerne spænder over både ældre og nyere teknologier. konsulenten skal derfor besidde en bred teknologisk viden og forståelse. Primære ansvarsområder Udførelse af pentests af høj kvalitet. Indsamling og analyse af sårbarheder. Dokumentation af fundne sårbarheder og deres alvorlighed. Udarbejdelse af teknisk, elektronisk rapport på dansk. Udførelse af mundtlig gennemgang af rapportens resultater. Gennemførelse af gentests af applikationer. Nøglekrav Solid erfaring med penetrationstests i det statslige område. Omfattende viden om sikkerhedsforskning og sårbarhedsanalyse. Evne til at kommunikere teknisk information klart og præcist. Erfaring med at udarbejde detaljerede tekniske rapporter. Færdigheder i at analysere komplekse systemer og netværk. Nice to Have Certificeringer inden for IT-sikkerhed (f.eks. OSCP, CEH). Kendskab til moderne programmeringssprog. Erfaring med automatiserede sikkerhedsscannere. Andre detaljer Testene er planlagt til 2026 og vil være delt over Q2 til Q4. Konsulenten vil modtage den nødvendige dokumentation og testbrugere for at udføre pentests effektivt.

Technology

Creotech

DevOps Engineer (Security-focused / DevSecOps)

Mid

Hybrid

Warsaw, Poland

🏢 Summary: The role focuses on implementing and integrating security controls across applications, infrastructure, and cloud environments within a DevSecOps model. It involves embedding security into CI/CD pipelines, managing vulnerabilities, securing containers and Kubernetes, and supporting incident response. The position also ensures compliance with recognized security standards. 🗂️ Requirements: Minimum 3 years experience in cybersecurity or DevSecOps, Hands-on experience with SAST, DAST, SCA, and secret scanning tools, Experience securing CI/CD pipelines and SDLC, Experience in cloud security and infrastructure hardening, Knowledge of container and Kubernetes security, Experience with SIEM and incident response workflows, Knowledge of ISO 27001, NIST, SOC 2 standards 📃 Skills: SAST, DAST, SCA, CICD, Kubernetes, Containers, IAM, SIEM, RBAC, Cloud, SDLC, ISO27001, NIST, SOC2, DevSecOps 🏢 Description: Tasks Design and implement security controls across applications, infrastructure, and cloud environments Integrate SAST, DAST, SCA, secret scanning, and container scanning into CI/CD pipelines Define and enforce security gates within pipelines Harden cloud environments, IAM, and infrastructure configurations Manage vulnerability lifecycle (scanning, prioritization, remediation) Support incident response, root cause analysis, and post-incident improvements Secure containers and Kubernetes environments (RBAC, runtime policies) Ensure compliance with standards such as ISO 27001, NIST, SOC 2 Requirements At least 3 years of experience in cybersecurity, DevSecOps, or a related role Hands-on experience with AppSec tools (SAST, DAST, SCA, secret scanning) Experience securing CI/CD pipelines and SDLC processes Experience in cloud security and infrastructure hardening Knowledge of containers and Kubernetes security Ability to work with SIEM, logs, and incident response workflows Knowledge of security standards (ISO 27001, NIST, SOC 2) Very good command of English (B2+/C1), both written and spoken Nice to have Security certifications (Security+, CISSP, CCSP, CKS) Experience with policy-as-code and security automation Knowledge of threat modeling and secure architecture

Technology

Strategicsiq

Testers - Warsaw - Onsite

Senior

Hybrid

Warsaw, Poland

1,200 - 1,400 PLN

🏢 Summary: The offer is for an experienced Test Specialist to ensure high quality of complex IT systems delivered to a European Institution in Warsaw. The role focuses on designing and executing comprehensive testing activities, managing defects, and validating compliance with quality standards across the SDLC. It involves close collaboration with technical teams to maintain robust and reliable IT services. 🗂️ Requirements: Proven experience testing complex IT systems, Strong knowledge of software testing tools and methodologies, Expertise in test design techniques, Solid understanding of SDLC, Hands-on experience with Azure DevOps Test Plans, Ability to write and execute SQL queries, Experience performing unit, integration, functional, regression, performance, stress, and UAT testing, Ability to document test results and manage defects 📃 Skills: Testing, SDLC, Azure, DevOps, SQL, UAT, Regression, Integration, Performance, Stress, Exploratory, Unit 🏢 Description: We are looking for an experienced Test Specialist to support critical IT services delivered to a European Institution in Warsaw. The ideal candidate will bring strong hands-on testing expertise and the ability to ensure high quality standards across complex IT systems. Key Responsibilities In this role, you will: Develop detailed and well-structured test cases for software applications and systems Perform a broad range of testing activities including exploratory, unit, integration, functional, regression, performance, stress, and user acceptance testing Document and analyze test outcomes, track defects, and clearly communicate progress and risks Work closely with business analysts, architects, developers, and service desk teams to ensure quality throughout delivery Review technical and project documentation to validate compliance with quality standards Required Technical Expertise The successful candidate will demonstrate: Proven experience testing complex IT systems Strong practical knowledge of modern software testing tools and methodologies Expertise in test design techniques Solid understanding of the Software Development Lifecycle (SDLC) Hands-on experience with Azure DevOps Test Plans Ability to write and execute SQL queries Strong analytical thinking, attention to detail, and problem-solving capabilities Excellent communication and documentation skills

Technology

BLUE energy Sp. z o.o.

Tester Penetracyjny Aplikacji Web

Mid

Hybrid

Poznan, Poland

10,000 - 14,000 PLN

🏢 Summary: Offer for a Web Application Penetration Tester responsible for conducting manual and automated security testing of web applications for external clients. The role focuses on identifying and exploiting vulnerabilities, preparing detailed security reports, and advising on remediation. It involves working with recognized security tools and methodologies to ensure high application security standards. 🗂️ Requirements: Experience in web application penetration testing, Knowledge of web security vulnerabilities (XSS, SQL Injection, CSRF, RCE), Ability to use penetration testing tools (Burp Suite, OWASP ZAP, Nmap, Metasploit), Ability to analyze application code for security flaws, Understanding of web application architecture, Knowledge of OWASP and PTES methodologies, Ability to prepare technical security reports, Relevant security certifications (e.g. CEH, OSCP, CISSP, GWAPT) 📃 Skills: BurpSuite, OWASPZAP, Nmap, Metasploit, XSS, SQLInjection, CSRF, RCE, JavaScript, PHP, Python, OWASP, PTES, CEH, OSCP, CISSP, GWAPT 🏢 Description: Jako firma konsultingowa specjalizująca się w bezpieczeństwie IT, poszukujemy Testera Penetracyjnego Aplikacji Web , który dołączy do naszego zespołu. Osoba na tym stanowisku będzie odpowiedzialna za realizację testów penetracyjnych aplikacji webowych w ramach projektów dla naszych zewnętrznych klientów. Będziesz pracować nad identyfikowaniem luk w zabezpieczeniach aplikacji, wspierając naszych klientów w zapewnianiu najwyższego poziomu bezpieczeństwa ich systemów. Zakres obowiązków: Realizacja testów penetracyjnych aplikacji webowych dla różnych klientów, w tym identyfikowanie i eksploatowanie luk w zabezpieczeniach Audytowanie aplikacji pod kątem zagrożeń takich jak XSS, SQL Injection, CSRF, RCE i innych typowych wektorów ataków Przeprowadzanie testów manualnych oraz automatycznych przy użyciu narzędzi takich jak Burp Suite, OWASP ZAP, Metasploit, itp. Przygotowywanie szczegółowych raportów z przeprowadzonych testów, w tym rekomendacji dotyczących poprawy zabezpieczeń Współpraca z zespołami deweloperskimi klientów, doradztwo w zakresie implementacji poprawek bezpieczeństwa Udział w analizach ryzyka i opracowywanie zaleceń dla klientów w zakresie bezpieczeństwa aplikacji webowych Wymagania: Doświadczenie w przeprowadzaniu testów penetracyjnych aplikacji webowych, w tym znajomość narzędzi i metod wykorzystywanych w tej dziedzinie (Burp Suite, OWASP ZAP, Nmap, Metasploit, itp.) Doskonała znajomość zagrożeń związanych z bezpieczeństwem aplikacji webowych (XSS, SQL Injection, CSRF, RCE, itp.) Umiejętność analizowania kodu aplikacji i identyfikowania potencjalnych luk w zabezpieczeniach Dobre rozumienie architektury aplikacji webowych i technologii wykorzystywanych w aplikacjach (JavaScript, PHP, Python, itp.) Umiejętności raportowania i przedstawiania wyników testów w sposób zrozumiały dla osób nietechnicznych (np. menedżerowie projektów, klienci) Certyfikaty z zakresu bezpieczeństwa (np. CEH, OSCP, CISSP, GWAPT) będą dodatkowym atutem Praktyczna znajomość metodologii testowania oraz standardów bezpieczeństwa (np. OWASP, PTES) Umiejętność pracy w zespole, komunikatywność oraz umiejętność pracy z klientami Oferujemy: Pracę nad interesującymi projektami z zakresu bezpieczeństwa aplikacji webowych dla klientów z różnych branż Atrakcyjne wynagrodzenie oraz pakiet benefitów (m. in. Multisport, ubezpieczenie i pakiet medyczny) Możliwość rozwoju zawodowego i certyfikacji w zakresie bezpieczeństwa IT Współpracę z zespołem ekspertów oraz wsparcie w realizacji wyzwań technicznych Elastyczne godziny pracy oraz możliwość pracy zdalnej lub hybrydowej Jeśli jesteś pasjonatem bezpieczeństwa aplikacji webowych i chcesz dołączyć do naszego zespołu, zapraszamy do aplikowania!

Technology

Euroclear

Tribe Test Engineer (Test Manager)

Senior

Hybrid

Krakow, Poland

🏢 Summary: Senior-level testing role responsible for defining and leading test and deployment strategies for complex or large-scale projects, ensuring software quality, risk control, and successful releases. The position involves managing test planning, execution, reporting, and deployment activities while overseeing teams and vendors. The role ensures delivery within quality, time, and budget targets in mission-critical environments. 🗂️ Requirements: Proven experience in software testing and quality assurance, Experience leading test strategy and deployment for complex or large projects, Ability to create and manage test plans, test cases, and test data, Experience with system testing, UAT, alpha and beta testing, Experience managing deployments to Pre-Production and Production environments, Ability to analyze and manage testing risks, Experience validating requirements and design documentation for testability, Experience leading and monitoring test execution and reporting, Project management experience in testing environments, Experience supervising or mentoring test teams 📃 Skills: Testing, QA, UAT, Alpha, Beta, Deployment, Pre-Production, Production, TestPlanning, TestCases, TestData, RiskManagement, Reporting, ProjectManagement 🏢 Description: Key Responsibilities Conducts a wide range of quality control tests and analyses to ensure that software meets or exceeds specified standards and end‑user requirements: Drafts, revises, and approves test plans and scripts to ensure alignment with standards and IT strategy. Creates test data files with valid and invalid records to thoroughly test program logic and verify system flow. Coordinates with users to plan user acceptance testing, alpha, and beta testing. Ensures that system tests are successfully completed and documented, and that all problems are resolved. Contributes to or manages deployment preparation and execution for both Pre‑Production and Production until the end of the warranty period. Role Overview Leads testing in a complex environment or for one or more standard to larger projects. Manages the preparation of systems and/or applications deployment. May manage the deployment itself. Is responsible for formulating the test and deployment strategy for their area and plans and leads work to ensure the delivery of the product within quality standards. May lead a team, project, or resources. Acts as the main reference point for problem escalation and is expected to plan and monitor the work of the team as well as external vendors. Has recognized expertise and authority in testing. Detailed Role Description Typically requires project management, organizational, and people‑leadership skills, as well as recognized expertise in testing. Uses these competencies: To formulate the test strategy, including the deployment approach, for one or more standard to larger projects. To specify and plan the corresponding activities and lead their execution, acting as the main reference point for problem escalation. To ensure that testing is carried out within budget and established procedures, meeting project testing objectives within quality, time, and budget targets. To analyze and monitor risks in the area of testing, identifying potential consequences and taking appropriate actions to prevent issues from materializing. Validates product design documentation to ensure that stated requirements are suitable for testing, unambiguous, and verifiable. Leads, guides, and monitors the analysis, design, implementation, and execution of test cases, test procedures, and/or test suites. Schedules tests for execution and monitors, measures, controls, and reports on test progress, product quality status, and test results, adapting the test plan as needed to adjust to evolving conditions. Produces a summary test report at the end of the project. May manage deployment activities (consolidating release scenarios, collecting authorizations, coordinating change delivery, and supporting operations after deployment). Work requires considering future implications beyond immediate problems and may involve creating new approaches and procedures to structurally address them. Provides feedback and development input into quality assurance methodologies and risk management strategy. Works with a high level of autonomy, with performance and outcomes subject to managerial review. Requires highly developed skills to motivate, influence, and persuade in the context of frequent interactions with a large and diverse set of stakeholders. Has a direct impact on the quality and stability of non‑stop applications and systems, helping avoid disruptions to mission‑critical services and supporting the company’s competitive advantage. Works and communicates with other stakeholders and vendors to ensure an effective quality assurance process is maintained and developed within the organization. May coach other testers stepping into this role. May supervise, develop, and assess the performance of Test Analysts. ​We welcome applicants from all backgrounds and experiences. If you meet most of the requirements and are excited about the role, we encourage you to apply.​

Technology

emagine Polska

Senior QA Engineer

Senior

On-site

Dublin, Ireland

🏢 Summary: Senior QA Tester role focused on functional and automated testing of legacy enterprise Java applications, ensuring quality, performance, and regression control. The position involves building automated test suites, defining risk-based testing strategies, and supporting modernization and migration efforts. Close collaboration with development teams to implement robust testing frameworks and performance validation is required. 🗂️ Requirements: Proven experience testing enterprise Java applications (JSP, Spring, Spring Boot), Experience with functional and automated testing, Ability to define and execute risk-based testing strategies, Practical API testing experience, Hands-on web test automation experience, Proficiency in writing Gherkin/Cucumber scenarios, Experience in performance and load testing analysis, Experience with legacy systems and reverse-engineered test scenarios, Experience implementing migration or modernization test strategies, Ability to document application behavior and define acceptance criteria 📃 Skills: Java, JSP, Spring, SpringBoot, Selenium, Playwright, Postman, Newman, REST, Gherkin, Cucumber, Jira, WebLogic, CI/CD 🏢 Description: Introduction & Summary We are seeking a Senior QA tester who has a strong focus on functional and automated testing. Main Responsibilities The primary responsibility involves quality assurance across legacy applications, ensuring both functional and performance metrics align with expectations. Key tasks include: Monitoring and reporting on quality regression. Building and maintaining automated and functional tests for legacy applications. Collaborating with product development QA resources to implement testing strategies. Conducting performance testing and reviewing outputs. Working closely with product development teams to create test harnesses. Utilizing QA tools like Gherkin, Selenium, and Jira. Engaging with various service and application development teams effectively. Key Requirements - Proven experience in testing enterprise Java applications (JSP, Spring/Spring Boot). - Ability to define and execute risk-based testing strategies. - Practical experience with Postman/Newman/REST Assured for API testing. - Hands-on experience with Playwright/Selenium for web testing. - Proficient in writing Gherkin/Cucumber test scenarios. - Expertise in performance and load testing analysis. - Experience with legacy frameworks requiring reverse-engineered test scenarios. - Proficient in migration/modernization test strategy implementation. - Ability to document application behavior and define acceptance criteria. Nice to Have - Familiarity with WebLogic to Java Enterprise Application Server differences. - Experience testing legacy Java frameworks that have been modernized. - Knowledge of CI/CD integration for testing. Other Details This role works under a hybrid model and requires this consultant to be onsite 2 days a week in the clients office in Dublin 2.