New offer - be the first one to apply!

July 11, 2026

Penetration Testing

Senior • Hybrid

1,100 - 1,360 PLN

Krakow, Poland

Project

We are looking for a skilled Security Researcher to join a Cybersecurity Assurance Center, part of a product security team responsible for penetration testing across a wide range of products. In this role, you will work on cutting-edge cybersecurity challenges, ensuring that products are secure before they reach the market.

Key Responsibilities

  • Perform penetration testing across hardware, software, cloud, mobile and OT environments
  • Identify, analyze and exploit vulnerabilities to prevent security issues before release
  • Collaborate closely with engineering teams to support a security-by-design approach
  • Use and develop advanced security tools, including custom cryptographic and reverse engineering solutions
  • Conduct research on emerging technologies, protocols and potential attack vectors
  • Prepare detailed technical reports and documentation
  • Participate in knowledge-sharing sessions and technical discussions

Required Skills & Experience

  • Strong understanding of TCP/IP networking and application protocols
  • Solid knowledge of software exploitation techniques and common vulnerabilities
  • Hands-on experience with port scanning, fuzzing, and vulnerability assessment tools
  • Knowledge of web technologies and related security risks
  • Familiarity with OWASP Top 10 and SANS Top 25
  • Experience with mobile application security and APIs
  • Proficiency in at least one scripting language (e.g. Python)
  • Good knowledge of cryptographic and security protocols
  • Experience using tools like Metasploit and writing custom exploits
  • Strong English communication skills (written and spoken)

Nice to Have

  • Experience with reverse engineering and binary analysis
  • Knowledge of hardware exploitation (UART, JTAG, I2C, firmware extraction)
  • Understanding of wireless technologies (RF, Bluetooth, NFC)

Responsibilities

  • Perform penetration testing on various systems, including hardware, software, cloud, mobile, and OT environments
  • Identify, analyze, and exploit vulnerabilities to improve product security before release
  • Collaborate with engineering teams to support secure development practices
  • Conduct vulnerability assessments, fuzz testing, and port scanning
  • Research new technologies, communication protocols, and associated security risks
  • Prepare detailed technical reports and internal documentation
  • Participate in knowledge-sharing and technical discussions
  • Use and develop advanced security tools, including custom-built solutions

About the Project

The client is an established global technology leader driving digital transformation and innovation to accelerate the transition toward a carbon-neutral future. The organization provides solutions and services across the energy value chain for utility, industry, and infrastructure sectors. The company operates globally across more than 100 countries and focuses on sustainable, flexible, and secure energy systems.

Similar jobs you might like

Technology

DataArt

Penetration Tester

Mid

Remote

Wroclaw, Poland

12,000 - 15,000 PLN

🏢 Summary: The offer is for a Middle Penetration Tester responsible for conducting network and application-level security assessments using automated and manual techniques. The role involves identifying and validating vulnerabilities, preparing detailed reports, collaborating with clients, and contributing to internal security tools and processes. The position focuses on strengthening security posture through structured testing methodologies and technical research. 🗂️ Requirements: Minimum 1 year of experience in vulnerability assessments and penetration testing, Minimum 3 years of experience in IT industry, Experience with Linux, Windows, Active Directory, JavaScript, .NET, SQL, Experience applying structured penetration testing methodologies, Understanding of web application vulnerabilities, Ability to document vulnerabilities and remediation steps, Experience with Burp Suite, Nessus, Metasploit, Nmap, sqlmap, Knowledge of programming or scripting for security tools development 📃 Skills: Burp, Nessus, Metasploit, Nmap, sqlmap, Linux, Windows, ActiveDirectory, JavaScript, .NET, SQL, Scripting 🏢 Description: Project overview A security-focused initiative aimed at performing vulnerability assessments and penetration tests for a variety of digital systems. The project supports continuous improvement of security practices and contributes to the development of internal tools and methodologies. The work includes research activities, process enhancement, and collaboration with technical teams to strengthen the overall security posture. Team You will join a security-oriented team that consists of penetration testers, security analysts, and engineers. The team collaborates closely, shares knowledge, and supports research and internal tool development. Position overview We are looking for a Middle Penetration Tester who will be involved in network and application-level security assessments. You will use automated tools and manual techniques to identify and verify security vulnerabilities. This role includes preparing assessment reports, interacting with clients to clarify scope and gather information, and contributing to the improvement of security processes and tools. Technology stack Burp Suite, Nessus, Metasploit, Nmap, sqlmap, Linux, Windows, Active Directory, JavaScript, .NET, SQL, scripting languages Responsibilities Conduct network and application-level security assessments Use automated tools and manual techniques to identify and validate vulnerabilities Prepare clear and comprehensive assessment reports with root cause details and remediation steps Communicate with clients to gather information, clarify scope, and discuss security controls Support internal security competence development through research, tool creation, and process improvement Collaborate with other team members across security and engineering domains Requirements One year of experience performing vulnerability assessments and penetration tests Three years of experience in the IT industry with familiarity across technologies such as Linux, Windows, Active Directory, JavaScript, .NET, SQL Experience applying structured methodology for vulnerability assessments and penetration tests Understanding of web application vulnerabilities Ability to describe and report vulnerabilities along with typical remediation activities Experience with open source and commercial security tools, including Burp Suite, Nessus, Metasploit, Nmap, and sqlmap Knowledge of programming or scripting for creating auxiliary security tools Ability to work effectively with customers and self-manage in challenging situations Nice to have Security certifications, including OSCP, CRTO, CPTS, eWPT, BSCP Strong programming experience in a modern language Experience with mobile application penetration testing Experience with reverse engineering and binary analysis Experience publishing technical content or speaking at industry events Familiarity with security standards, including PCI DSS and ISO 27000

Technology

emagine Polska

Pentester

Senior

Remote

Warsaw, Poland

🏢 Summary: The offer is for an experienced Penetration Tester to conduct comprehensive security assessments across web, mobile, cloud, infrastructure, and API environments. The role focuses on identifying vulnerabilities, validating security controls, and ensuring compliance with DORA and PCI-DSS through primarily manual testing. The candidate will deliver structured, actionable reports based on recognized security standards and methodologies. 🗂️ Requirements: Minimum 5 years of penetration testing experience, Proven delivery of enterprise-level pentests, Experience with web, mobile, cloud, API, and infrastructure testing, Strong manual exploitation skills, Knowledge of OWASP Top 10, PTES, OSSTMM, Ability to perform grey-box testing, Experience with AWS, Azure, or GCP environments, Ability to produce detailed technical reports, Relevant security certifications (OSCP, OSCE, OSWE, GPEN, GWAPT, CISSP) 📃 Skills: Pentesting, OWASP, PTES, OSSTMM, DORA, PCI-DSS, AWS, Azure, GCP, Android, iOS, React, REST, Swagger, API, ActiveDirectory, Firewalls, VPN, CIS, OSCP, OSCE, OSWE, GPEN, GWAPT, CISSP 🏢 Description: Role Objective The primary objectives of the role are to: Identify security vulnerabilities in external and internal infrastructure/applications. Validate the effectiveness of existing security controls. Ensure compliance with DORA and PCI-DSS regulations. Provide actionable remediation guidance. Scope of Work The Penetration Tester will be responsible for conducting comprehensive penetration tests across the following areas: Asset Type Environment Notes Web applications Staging/Prod Main customer portal, admin panels, complex business-oriented apps Mobile applications Staging/Prod Android/iOS native apps, React Native Cloud environment Production AWS/Azure/GCP, CIS benchmark Thick client apps Production Desktop agents, use of API External infra Production Firewalls, VPN gateways Internal infra Production AD environment, database servers APIs and microservices Staging/Prod REST API provided with Swagger Testing Methodology Manual vs Automated: Emphasis on manual exploitation. Automated scanning should not exceed 20% of effort. Standards: Testing must adhere to OWASP Top 10 for web/mobile apps, PTES, or OSSTMM. Credentials: For grey-box testing, accounts will be provided (e.g., admin, user, viewer) for privilege escalation testing. Key Requirements Proven experience in delivering high-quality pentest services to enterprise clients (at least 5 years of experience delivering pentests) and client references. Team members with relevant certifications (e.g., OSCP, OSCE, OSWE, GPEN, GWAPT, CISSP). High communication quality: clear verbal communication and reporting. Ability to deliver detailed, structured, and actionable reports. Use of industry-standard tools and methodologies.

Technology

emagine Polska

Penetration Tester (m/w/d)

Senior

Remote

Berlin, BE, Germany

🏢 Summary: Experienced Penetration Tester responsible for planning, executing, and reporting comprehensive penetration tests across network, web, wireless, Active Directory, and physical environments for a public sector IT project. The role includes identifying vulnerabilities, performing realistic attack simulations, assessing compliance, and deriving concrete security improvements. Engagement is long-term and primarily remote within Germany. 🗂️ Requirements: Degree in ComputerScience or completed technical IT training, Minimum 3 years experience in ITSecurity, At least 2 years hands-on PenetrationTesting or RedTeam, Experience in minimum 2 large-scale projects over 250 users, Proven experience in WebApp Pentests Network Pentests or Cloud Pentests, Ability to develop own exploits or PoCs, Knowledge of compliance standards DSGVO BSI NIS, Fluent German language skills 📃 Skills: PenetrationTesting, RedTeam, NetworkSecurity, WLAN, WebSecurity, ActiveDirectory, Python, PowerShell, BurpSuite, Nmap, Metasploit, CobaltStrike, Nessus, OpenVAS, sqlmap, OSCP, GPEN, CEH, eJPT, CREST, CISSP, CISM, Jira, Confluence, SharePoint 🏢 Description: Für das Projekt wird ein erfahrener Penetration Tester (m/w/d) gesucht, der umfassende Penetration Tests plant, vorbereitet, durchführt und nachbereitet. Die Rolle umfasst sowohl technische Sicherheitsanalysen als auch die Ableitung konkreter Maßnahmen zur Erhöhung der IT-Sicherheit. Der Einsatz findet im Umfeld eines großen öffentlichen IT-Dienstleisters statt. Deine Aufgaben: Vor- und Nachbereitung sowie Durchführung abgestimmter Penetration Tests, u. a.: Network Penetration Testing WLAN Penetration Testing Web Application Penetration Testing Active Directory Penetration Testing Physical Penetration Testing Ermittlung bekannter und unbekannter Sicherheitslücken in IT-Systemen und Anwendungen Analyse der Sicherheitslage der IT-Infrastruktur sowie Prüfung der Compliance-Vorgaben (z. B. DSGVO, BSI-Grundschutz, NIS-Richtlinie) Durchführung realitätsnaher Angriffssimulationen zur Risikobewertung Ableitung von Maßnahmen zur Verbesserung der IT-Sicherheit und Präsentation der Ergebnisse Sicherstellung, dass alle Aktivitäten transparent, nachvollziehbar und rechtskonform erfolgen Dein Profil: Abgeschlossenes Informatik-Studium oder eine anerkannte technische Berufsausbildung (z. B. Fachinformatiker) Mindestens 3 Jahre praktische Erfahrung im Bereich IT-Sicherheit, davon mindestens 2 Jahre in Penetration Tests bzw. Red-Team-Übungen Beteiligung an mindestens 2 größeren Projekten (Unternehmen / Behörde mit >250 Mitarbeitenden), z. B. Web-App-Pentests, Netzwerk-Pentests, Cloud-Pentests Gute Deutschkenntnisse in Wort und Schrift Zuschlagskriterien: Umfangreiche Erfahrung in Pen-Tests / Red-Team Mehrere Referenzprojekte Zertifizierungen wie OSCP, GPEN, CEH, eJPT, CREST, CISSP/CISM Erfahrung mit Werkzeugen wie Burp Suite, Nmap, Metasploit, Cobalt Strike, Nessus/OpenVAS, sqlmap, etc. Fähig, eigene Exploits / PoCs zu entwickeln (Python, PowerShell) Erfahrung mit Jira, Confluence, SharePoint Andere Details: Zeitraum: Rahmenvereinbarung bis 2030 Arbeitsort: Remote/Deutschland Bei Interesse freue ich mich auf Deine Bewerbungsunterlagen , Verfügbarkeit und Stundensätze an tamara.petrovic.turkovic@emagine.de

Technology

emagine Polska

Penetration Tester (m/w/d)

Senior

Remote

Berlin, Germany

🏢 Summary: Experienced Penetration Tester responsible for planning, executing, and reporting comprehensive penetration tests across network, web, wireless, Active Directory, and physical environments. The role includes realistic attack simulations, compliance assessments, and deriving concrete security improvement measures within a large public IT environment. Engagement is long-term and primarily remote within Germany. 🗂️ Requirements: Completed degree in Computer Science or recognized technical IT training, Minimum 3 years experience in IT security, At least 2 years hands-on experience in penetration testing or red teaming, Experience in at least 2 large-scale projects (>250 users), Proven experience in web, network or cloud penetration testing, Ability to conduct independent security assessments and exploit development, Good German language skills (written and spoken) 📃 Skills: PenetrationTesting, RedTeaming, NetworkSecurity, WebSecurity, WLAN, ActiveDirectory, CloudSecurity, BurpSuite, Nmap, Metasploit, CobaltStrike, Nessus, OpenVAS, sqlmap, Python, PowerShell, Jira, Confluence, SharePoint, OSCP, GPEN, CEH, eJPT, CREST, CISSP, CISM 🏢 Description: Für das Projekt wird ein erfahrener Penetration Tester (m/w/d) gesucht, der umfassende Penetration Tests plant, vorbereitet, durchführt und nachbereitet. Die Rolle umfasst sowohl technische Sicherheitsanalysen als auch die Ableitung konkreter Maßnahmen zur Erhöhung der IT-Sicherheit. Der Einsatz findet im Umfeld eines großen öffentlichen IT-Dienstleisters statt. Deine Aufgaben: Vor- und Nachbereitung sowie Durchführung abgestimmter Penetration Tests, u. a.: Network Penetration Testing WLAN Penetration Testing Web Application Penetration Testing Active Directory Penetration Testing Physical Penetration Testing Ermittlung bekannter und unbekannter Sicherheitslücken in IT-Systemen und Anwendungen Analyse der Sicherheitslage der IT-Infrastruktur sowie Prüfung der Compliance-Vorgaben (z. B. DSGVO, BSI-Grundschutz, NIS-Richtlinie) Durchführung realitätsnaher Angriffssimulationen zur Risikobewertung Ableitung von Maßnahmen zur Verbesserung der IT-Sicherheit und Präsentation der Ergebnisse Sicherstellung, dass alle Aktivitäten transparent, nachvollziehbar und rechtskonform erfolgen Dein Profil: Abgeschlossenes Informatik-Studium oder eine anerkannte technische Berufsausbildung (z. B. Fachinformatiker) Mindestens 3 Jahre praktische Erfahrung im Bereich IT-Sicherheit, davon mindestens 2 Jahre in Penetration Tests bzw. Red-Team-Übungen Beteiligung an mindestens 2 größeren Projekten (Unternehmen / Behörde mit >250 Mitarbeitenden), z. B. Web-App-Pentests, Netzwerk-Pentests, Cloud-Pentests Gute Deutschkenntnisse in Wort und Schrift Zuschlagskriterien: Umfangreiche Erfahrung in Pen-Tests / Red-Team Mehrere Referenzprojekte Zertifizierungen wie OSCP, GPEN, CEH, eJPT, CREST, CISSP/CISM Erfahrung mit Werkzeugen wie Burp Suite, Nmap, Metasploit, Cobalt Strike, Nessus/OpenVAS, sqlmap, etc. Fähig, eigene Exploits / PoCs zu entwickeln (Python, PowerShell) Erfahrung mit Jira, Confluence, SharePoint Andere Details: Zeitraum: Rahmenvereinbarung bis 2030 Arbeitsort: Remote/Deutschland Bei Interesse freue ich mich auf Deine Bewerbungsunterlagen , Verfügbarkeit und Stundensätze an tamara.petrovic.turkovic@emagine.de

Technology

emagine Polska

Security Coordination Specialist (Customer Finance)

Mid

Hybrid

Warsaw, Poland

170 - 170 PLN/hr

🏢 Summary: Hybrid B2B security role in the banking sector focused on coordinating remediation activities for security findings and managing vulnerabilities. The position involves analyzing penetration testing results, prioritizing risks, and collaborating with stakeholders to ensure timely remediation. Work is performed partially onsite in Warsaw, Gdańsk, or Łódź. 🗂️ Requirements: Understanding of application security, Understanding of infrastructure security, Experience with vulnerability management, Ability to interpret penetration testing reports, Knowledge of CVE, Knowledge of CWE, Knowledge of CVSS, Stakeholder coordination skills, Risk assessment and prioritization skills, Ability to communicate complex security topics 📃 Skills: Security, VulnerabilityManagement, PenetrationTesting, CVE, CWE, CVSS, RiskAssessment, InfrastructureSecurity, ApplicationSecurity 🏢 Description: banking B2B up to 170zł/h Hybrid work in Warsaw/Gdańsk/Łódź 2 days per week in the office Main Responsibilities: Coordinate remediation activities for security findings. Interpret and analyze penetration testing reports and vulnerability scanning outputs. Collaborate with multiple stakeholders to ensure timely remediation. Evaluate and prioritize risks based on security assessments. Communicate complex security topics clearly to technical and non-technical audiences. Key Requirements: Solid understanding of application and infrastructure security. Experience with vulnerability management processes. Ability to interpret penetration testing reports. Familiarity with CVE, CWE, and CVSS standards. Strong coordination skills across multiple stakeholders. Analytical approach to risk assessment and prioritization. Ability to communicate complex security topics clearly. Nice to Have: Experience in the banking sector.

Technology

Link Group

Application Security Consultant

Mid

Hybrid

Warsaw, Poland

150 - 200 PLN

🏢 Summary: The role involves building and implementing a secure SDLC framework with embedded Application Security across enterprise platforms. It focuses on assessing current development practices, defining security standards, and rolling out controls and best practices organization-wide. The position plays a key role in standardizing and governing secure application development processes. 🗂️ Requirements: 3+ years experience in software development, DevOps, or platform engineering, Proficiency in at least one object-oriented programming language, Experience with AWS or Azure environments, Hands-on experience with Docker and Kubernetes, Understanding of CI/CD pipelines and automated deployments, Experience with Infrastructure as Code and configuration management tools, Knowledge of Git and application lifecycle management, Experience with application security and DevSecOps tools, Understanding of secure development practices within SDLC, English proficiency at C1 level or higher 📃 Skills: Java, .NET, AWS, Azure, Docker, Kubernetes, CI/CD, Terraform, Ansible, Puppet, Chef, Git, SAST, DAST, SCA, CNAPP, DevSecOps, SDLC 🏢 Description: We are looking for: For our international client, we are looking for an Application Security Consultant who will play a key role in building a secure Software Development Life Cycle (SDLC) framework, with a strong focus on Application Security (SAS) across enterprise platforms. This role is part of a strategic initiative aimed at securing source code and standardizing how application security is designed, implemented, and governed. The work will start with assessing the current state of platforms and development practices, and based on that, defining and rolling out SDLC standards, controls, and best practices across the organization. Apply if you have: 3+ years of experience in software development, DevOps, or platform engineering Strong programming skills in at least one object-oriented language (e.g. Java, .NET) Experience working with AWS and/or Azure environments Hands-on experience with Docker and Kubernetes Solid understanding of CI/CD pipelines and automated deployments Experience with Infrastructure as Code and configuration management tools (e.g. Terraform, Ansible, Puppet, Chef) Good knowledge of Git and application lifecycle management practices Experience with application security and DevSecOps tooling (e.g. SAST, DAST, SCA, CNAPP) Understanding of secure development practices within SDLC Very good English communication skills (C1 level or equivalent) Nice to have: Experience in building or improving SDLC / SSDLC frameworks in large organizations Background in conducting security assessments and defining standards based on their results Knowledge of security frameworks and standards (e.g. ISO 27001, NIST, CIS, OWASP, SOC2, GDPR) Experience working with large enterprise platforms (e.g. SAP, Salesforce, Databricks, Snowflake) Knowledge of encryption and cryptography (e.g. PKI, Vault, certificates) Experience mentoring teams in secure coding and DevSecOps practices You'll be joining: An international environment where a new SDLC framework with embedded Application Security (SAS) is being built from the ground up and rolled out across key platforms. The team is responsible for assessing current maturity, defining security standards, and implementing a consistent approach to secure development. You’ll have a direct impact on shaping how application security is integrated into development processes and how standards are adopted across engineering teams.

Technology

Transition Technologies PSC

Junior Automation Software Engineer

Junior

Remote

Lodz, Poland

🏢 Summary: Junior Automation Software Engineer role in a cybersecurity team focused on system analysis, troubleshooting, and environment configuration, with gradual transition into automation and DevOps tasks. The position involves monitoring, investigating, and supporting secure, scalable security products in Linux and Windows environments. 🗂️ Requirements: Minimum 1 year commercial IT experience, Basic system administration knowledge, Linux administration, Windows administration, Networking fundamentals, Active Directory knowledge, Certificate management basics, Log analysis skills, Event data analysis, System behavior diagnostics, Network traffic analysis, IT-related degree (completed or in progress) 📃 Skills: Linux, Windows, Networking, ActiveDirectory, TCP/IP, Logs, Automation, DevOps, Security, Troubleshooting 🏢 Description: We are working with a global leader in cybersecurity, building advanced security solutions in areas such as detection, response and automation. Our goal is to deliver high-quality, scalable security products that help organizations proactively defend against evolving cyber threats. We are looking for a Junior Automation Software Engineer to join our cybersecurity-focused team. This role is ideal for someone with a solid technical foundation in systems and infrastructure who wants to grow towards automation and DevOps engineering. At the beginning, your responsibilities will focus more on system analysis, configuration, and troubleshooting. Over time, you will gradually transition into automation-related tasks. Responsibilities: Analyze logs, event data, and system behavior to identify and troubleshoot issues Support configuration and maintenance of environments (Linux / Windows) Collaborate with development teams to investigate and resolve problems Monitor system and application components from a security perspective Build a strong foundation for future work in automation and engineering Requirements: Minimum 1 year of hands-on commercial experience in IT Basic knowledge of system administration and configuration: Linux and Windows networking fundamentals Active Directory certificates Ability to diagnose issues based on: logs and event data system behavior Network traffic analysis Degree in IT or a related field (completed or in progress) Analytical mindset and problem-solving skills Interest in cybersecurity and willingness to grow in automation and DevOps engineering What can we offer Flexible forms of employment and working hours (CoE or B2B) An interesting, challenging job in the dynamically developing Capital Group company Work on innovative projects using modern technologies Direct impact on shaping the image of the Capital Group’s companies on the market Possibility to develop competences in a wide range Attractive salary Stability of employment and a friendly work atmosphere

Technology

TechTree

Software Engineer

Mid

Remote

Warsaw, Poland

47,300 - 64,500 EUR

🏢 Summary: Software Engineer role on the Client team building secure browser extensions, desktop applications, CLI tools and SDKs for a global cybersecurity product. The position focuses on client-side engineering in a zero-trust, end-to-end encrypted environment with strong ownership across the full development lifecycle. Ideal for engineers who enjoy solving complex product and security challenges while contributing to open-source and high-quality software at scale. 🗂️ Requirements: 3+ years of experience building JavaScript applications in production, Strong client-side engineering experience with React or similar framework, Ability to design simple, robust solutions to complex problems, Experience writing and maintaining unit, integration and end-to-end tests, Ability to implement secure client-side business logic and data handling, Comfort collaborating across product, design and engineering, Interest in security, privacy or trustworthy software systems 📃 Skills: JavaScript, React, HTML, CSS, Storybook, Jest, WebdriverIO, OpenPGP, Git, Docker, Windows, macOS, Linux 🏢 Description: THE CLIENT Our client is a fast-growing cybersecurity product company rethinking how teams manage and share sensitive access. Their platform is trusted by 40,000+ organisations across 50+ countries - and growing fast. This is an engineering-led business: modern architecture, real technical challenges, and a strong focus on open source, privacy, and security. They’re building a fully remote, collaborative team and looking for engineers who take ownership and enjoy solving meaningful problems. If you want to work on a product with real impact at global scale - this is worth a conversation. THE ROLE: Our client is looking for a software engineer to join its Client team and help build the applications through which users experience the product, including browser extensions, desktop applications, command-line tools and SDKs. This is not a typical frontend role. Because their product is built around end-to-end encryption and a zero-trust model, their client applications carry significant responsibility for security, data handling and product behaviour. The role sits at the intersection of client engineering, product thinking, usability and security-sensitive application design. You would work on features used by a large open-source community, contributing across the full lifecycle: understanding the problem, shaping the approach, implementing the solution, testing it thoroughly and improving it over time. This role will suit someone who enjoys solving complex product problems, keeping solutions simple, and working in an environment where quality, openness and collaboration matter. RESPONSIBILITIES: Build and improve client applications across browser, desktop and adjacent client surfaces Translate product and user needs into secure, usable client-side solutions Implement and maintain business logic, local data handling and security-sensitive workflows on the client side Contribute to testing strategy across unit, integration and end-to-end levels Work closely with product, design and engineering peers to refine solutions before implementation Help improve code quality, performance, maintainability and documentation Contribute to open-source collaboration with the community where relevant CORE REQUIREMENTS 3+ years of experience building JavaScript applications in production Strong client-side engineering fundamentals with React or a similar framework Ability to break down complex problems and design simple, robust solutions Good testing habits and attention to quality Comfort working across product, engineering and implementation questions - not just coding tickets Strong collaboration skills, openness to feedback, and a low-ego working style Interest in security, privacy, or building trustworthy software systems NICE TO HAVE Experience building browser extensions, desktop applications or other multi-platform clients Experience with security-sensitive applications, client-side cryptography or zero-trust architectures Experience with design systems, Storybook or usability-focused product development Open-source contribution experience Experience maintaining long-lived software products Familiarity with other languages such as Go, Swift, C#, PHP, Python or Rust Tools and technologies you’ll work with: JavaScript, React, HTML/CSS, Storybook, Jest, WebdriverIO, OpenPGP-related tooling, Git and Docker across Windows, macOS and Linux environments. (We do not expect candidates to bring experience with every tool listed here) How you work You take ownership of problems, not just tasks You value simplicity and avoid over-engineering You work well in an environment where feedback is frequent and constructive

Technology

TechTree

Software Engineer

Mid

Remote

Warsaw, Poland

47,300 - 64,500 EUR

🏢 Summary: Software Engineer role focused on building and improving secure client applications including browser extensions, desktop apps, CLI tools and SDKs within a zero-trust, end-to-end encrypted product. The position combines client-side engineering, security-sensitive design and product thinking, contributing across the full development lifecycle. You will deliver secure, high-quality solutions used by a large global and open-source community. 🗂️ Requirements: 3+ years of production experience with JavaScript, Strong experience with React or similar framework, Solid client-side engineering fundamentals, Experience designing simple, robust solutions for complex problems, Hands-on experience with unit, integration and end-to-end testing, Ability to implement secure client-side data handling and business logic, Experience collaborating across product, design and engineering teams, Interest in security, privacy or secure software systems 📃 Skills: JavaScript, React, HTML, CSS, Storybook, Jest, WebdriverIO, OpenPGP, Git, Docker, Windows, macOS, Linux 🏢 Description: THE CLIENT Our client is a fast-growing cybersecurity product company rethinking how teams manage and share sensitive access. Their platform is trusted by 40,000+ organisations across 50+ countries - and growing fast. This is an engineering-led business: modern architecture, real technical challenges, and a strong focus on open source, privacy, and security. They’re building a fully remote, collaborative team and looking for engineers who take ownership and enjoy solving meaningful problems. If you want to work on a product with real impact at global scale - this is worth a conversation. THE ROLE: Our client is looking for a software engineer to join its Client team and help build the applications through which users experience the product, including browser extensions, desktop applications, command-line tools and SDKs. This is not a typical frontend role. Because their product is built around end-to-end encryption and a zero-trust model, their client applications carry significant responsibility for security, data handling and product behaviour. The role sits at the intersection of client engineering, product thinking, usability and security-sensitive application design. You would work on features used by a large open-source community, contributing across the full lifecycle: understanding the problem, shaping the approach, implementing the solution, testing it thoroughly and improving it over time. This role will suit someone who enjoys solving complex product problems, keeping solutions simple, and working in an environment where quality, openness and collaboration matter. RESPONSIBILITIES: Build and improve client applications across browser, desktop and adjacent client surfaces Translate product and user needs into secure, usable client-side solutions Implement and maintain business logic, local data handling and security-sensitive workflows on the client side Contribute to testing strategy across unit, integration and end-to-end levels Work closely with product, design and engineering peers to refine solutions before implementation Help improve code quality, performance, maintainability and documentation Contribute to open-source collaboration with the community where relevant CORE REQUIREMENTS 3+ years of experience building JavaScript applications in production Strong client-side engineering fundamentals with React or a similar framework Ability to break down complex problems and design simple, robust solutions Good testing habits and attention to quality Comfort working across product, engineering and implementation questions - not just coding tickets Strong collaboration skills, openness to feedback, and a low-ego working style Interest in security, privacy, or building trustworthy software systems NICE TO HAVE Experience building browser extensions, desktop applications or other multi-platform clients Experience with security-sensitive applications, client-side cryptography or zero-trust architectures Experience with design systems, Storybook or usability-focused product development Open-source contribution experience Experience maintaining long-lived software products Familiarity with other languages such as Go, Swift, C#, PHP, Python or Rust Tools and technologies you’ll work with: JavaScript, React, HTML/CSS, Storybook, Jest, WebdriverIO, OpenPGP-related tooling, Git and Docker across Windows, macOS and Linux environments. (We do not expect candidates to bring experience with every tool listed here) How you work You take ownership of problems, not just tasks You value simplicity and avoid over-engineering You work well in an environment where feedback is frequent and constructive