Penetration Tester @ ITDS

Warsaw-based opportunity with hybrid model (3 days x week in the office).

As a Penetration Tester, you will be working for our client, a leading global financial institution known for delivering a wide range of innovative financial services across capital markets, risk management, and digital platforms. In this role, you will be part of an elite internal penetration testing team assessing critical systems, applications, and cloud infrastructures. The client is focused on secure software development, operational resilience, and proactive risk mitigation.You will test high-value systems, access source code, and work directly with engineers to implement secure solutions across global environments.

You're ideal for this role if you have :

• Proven experience in penetration testing across web applications, cloud, and infrastructure
• Strong understanding of web security principles and ability to build exploit chains
• Proficiency in analysing systems via source code review and reverse engineering
• Familiarity with tools such as Burp Suite, Wireshark, netcat, and Ghidra
• Knowledge of one or more programming languages like Java, Python, JavaScript, or C++
• Solid understanding of the TCP / IP stack and common network protocols
• High-level knowledge of cryptographic concepts and their implementation risks
• Experience developing or customizing proof-of-concept exploits
• Awareness of security concerns in cloud-native architectures

Preferred Qualifications :

Warsaw-based opportunity with hybrid model (3 days x week in the office).

As a Penetration Tester, you will be working for our client, a leading global financial institution known for delivering a wide range of innovative financial services across capital markets, risk management, and digital platforms. In this role, you will be part of an elite internal penetration testing team assessing critical systems, applications, and cloud infrastructures. The client is focused on secure software development, operational resilience, and proactive risk mitigation.You will test high-value systems, access source code, and work directly with engineers to implement secure solutions across global environments.

Perform penetration tests on internal web applications, cloud environments, and infrastructure, Identify and report vulnerabilities with clear technical and business impact, Analyse source code, configurations, and systems to support deep security assessments, Develop proof-of-concept exploits or demonstrate real-world attack vectors, Collaborate with engineers to recommend fixes and propose systemic improvements, Document findings in structured reports for technical and non-technical audiences, Participate in red team exercises and threat simulation scenarios, Review server, network, and cloud configurations for weaknesses, Share knowledge and techniques with peers in the internal security community, Contribute to the continuous evolution of internal testing tools and frameworks] Requirements : Penetration testing, Web applications, Cloud, Web security, Wireshark, Java, Python, JavaScript, C++, TCP / IP, Network protocols, OSCP, Degree