Within our Competence Management service, selected professionals don’t just join a project or position – they become valued members of the SWICON team. Our colleagues are our top priority: we offer personalized support, dedicated attention, and a true professional community – because no one is just a number here. This people-first approach has earned us multiple HR awards. Join us and be part of an inspiring, future-driven, and recognized team!

Introduction

Swicon Group has been one of the leading members of the IT arena for almost a decade, and has also been present in Romania since 2017. Our wide range of services and highly trained professionals give us the opportunity to shape our solutions to fully meet the ideas and wishes of our clients. We are proud to have leading banks, insurance and telecommunication companies, as well as large FMCG corporations and SSCs amongst our highly prestigious partners.

Tasks


● Plan and execute manual and automated penetration tests from black/white/grey-box perspectives, including delineation, reconnaissance and mapping, deployment and post-deployment services, technical and executive report generation, followed by retesting and cleanup.

● Testing of web applications and APIs against OWASP standards (WSTG, ASVS, Top 10 APIs), with a focus on critical mechanisms such as authentication, authorization, session management, input validation, and encryption.

● Testing of mobile applications (native, hybrid, cross-platform) according to OWASP MASTG/MASVS, including reverse engineering activities, static and dynamic analysis, testing of encryption and data storage mechanisms, and application resistance to jailbreak/rooting techniques.

● Perform code review for various technology packages (PHP, .NET, Android, Kotlin, Swift, NodeJS, JavaScript, TypeScript), identifying CWEs, logical and design vulnerabilities, cryptographic implementation errors, authentication and authorization issues, and using recognized standards and frameworks (e.g., OWASP ASVS/MASVS, CWE Top 25) as a basis for verification.

● Perform vulnerability assessments at the application, infrastructure, and network level, conduct security architecture reviews for complex systems (including cloud, microservices), and organize threat modeling exercises (e.g., STRIDE, OWASP SAMM/ASVS) to identify attack scenarios and mitigation measures.

● Write structured technical reports, classify vulnerabilities using the CVSS standard, including business impact and remediation recommendations, and present results to shareholders and technical teams.

● Solid knowledge of the cloud (AWS, Azure, GCP), ability to identify incorrect configurations and recommend measures to secure the cloud infrastructure.

● Planning and executing penetration tests on Active Directory/Windows infrastructures: enumeration and mapping, configuration, identification and deployment (Kerberoasting, AS-REP roasting, NTLM relay), lateral movement and privilege escalation, followed by hardening recommendations and retesting.





Expectations

Requirements:

 

●      Network scanning: Nmap, masscan, Shodan, Censys

●      Vulnerability scanning: Nessus, OpenVAS, nuclei

●      Web testing: Burp Suite Pro, OWASP ZAP, sqlmap, ffuf, dirsearch, Nikto, wpscan, XSStrike

●      Recon subdomains: subfinder, findomain

●      Post-deployment: Metasploit Framework, Impacket, BloodHound

●      Reverse engineering: jadx, Ghidra, r2

●      Mobile device: MobSF, Drozer, adb, Frida, Objection

●      Password cracking: John, Hashcat

●      Supply chain scanning: trivy, OWASP Dependency Check

●      SAST and secret scanning: Semgrep, SonarCloud, gitleaks, truffleHog

●      API and HTTP: Postman

●      Scripting usage: jq, Python, Bash, PowerShell

Advantages

  • Excellent learning opportunities! Variety in your work and a fantastic, informal work atmosphere. 
  • A challenging environment that will stimulate you to grow as a professional! 
  • A great foundation for your career! 
  • Grow with us! Your role will develop over time, so you can increase your experience and responsibilities. So, you can advance faster and further in your future career. 
  • A friendly and welcoming work environment with an international working atmosphere where you can practice and learn new language skills with a diverse mix of colleagues and clients. 
  • A dynamic work environment with a culture that is open, innovative, and performance orientated. 


Employer's offer

Remote position and B2B opportunity

Tags

#Fluent English #customer experience

Apply for this position

Are you suitable for this position? Click on the apply button and upload your CV!
