Security QA Engineer (Penetration Testing Focus)

You need to have:

• Experience in mobile application penetration testing
• Experience in infrastructure penetration testing
• Comprehensive understanding of the Secure Software Development Lifecycle (SSDLC)
• Previous participation in bug bounty programs and/or Capture The Flag (CTF) competitions
• Relevant certifications such as BSCP, CWES, eMAPT, eWPT, OSCP+, or equivalent
• English proficiency at B1+ level or higher

Will be a olus:

• Additional certifications such as OSCP, CEH, or similar
• Knowledge of modern AI tools and practical experience using them in daily work

,[Perform penetration testing and vulnerability assessments of web applications and APIs, Document identified vulnerabilities and provide clear, detailed remediation recommendations with strong attention to detail, Support product owners and development teams in vulnerability remediation efforts, Apply established security testing methodologies such as OWASP WSTG or equivalent application security frameworks, Demonstrate strong knowledge of the OWASP Top 10 and common web application vulnerabilities, including XSS, SQL Injection (SQLi), SSRF, and others, Possess deep understanding of various vulnerability types, their root causes, exploitation techniques, and remediation approaches, Effectively use application security testing software and common penetration testing tools such as Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, and similar solutions] Requirements: penetration testing, SSDLC, AI, OSCP