Infrastructure and Application Pentester

Start Date: 01/02/2026

End Date: 31/01/2027

Duration: 12 months (full-time)

Location: Hybrid

Responsibilities:

• Conduct infrastructure and application penetration testing on various systems including Windows, Linux, cloud infrastructure, ICS, web applications, fat clients, APIs, and µ-service architecture.
• Identify vulnerabilities in technical infrastructures, applications, and systems.
• Detect design and implementation weaknesses in applications and inter-applicative flows.
• Validate technical and business measures to prevent fraud.
• Perform penetration testing using internal and external sources with white-box, grey-box, and black-box approaches.
• Utilize cautious to aggressive methodologies, including vulnerability mapping and exploitation.

Required Qualifications and Experience:

• Minimum of 10 years of professional experience as an infrastructure and application penetration tester.
• At least 5 years of experience with critical infrastructure.

Technical Skills:

• Proficiency in network technologies (Ethernet, Wi-Fi, fibre channel, Bluetooth) and protocols.
• Expertise in authentication technologies and encryption techniques.
• Knowledge of operating systems (Windows, Linux, Solaris) and cloud services.
• Understanding of cloud architecture, interconnectivity, and hybrid topologies.
• Familiarity with µ-services, enterprise service bus architecture, and proprietary systems.
• Experience with well-known attacks and security control techniques.
• Scripting skills in Bash, Python, PowerShell.
• Competence in network design, multi-layered security principles, and database systems.
• Experience with middleware, secure application development, and programming languages (Java, Microsoft .NET).

Soft Skills:

• Team player
• Communicative
• Independent worker
• Discreet
• Curious