Pentester

Within our Cybersecurity Hub, we are responsible for performing product security evaluations for the most important manufacturers worldwide. As a Pentester, your main objective will be to perform security assessments to identify hidden risks, vulnerabilities, and security flaws in a variety of applications and services - including mobile applications. This involves evaluating, analysing, inspecting network communications, and identifying weaknesses in areas such as storage, authentication, cryptography, and platform misuse. What will be your responsibilities?

• Help ensure our clients' web applications, systems and infrastructure are designed and implemented to the highest security standards.
• Perform penetration testing and security assessment for web application, APIs and underlying systems and Mobile Applications.
• Develop comprehensive and accurate security penetration reports.
• Work directly with the internal team and customers to solve challenging software and systems configurations.

Do you have experience in Shell Scripting?, Do you have a Bachelor's degree?, * At least 1 year of demonstrated experience in penetration testing.

• Computer Science, Telecommunication, or equivalent Bachelor's degree.
• Demonstrated hands-on experience with Linux.
• Ability to perform manual penetration testing techniques, including testing for vulnerabilities such as SQL Injection, Command Injection, Local File Inclusion (LFI)
• Knowledge of web application vulnerabilities and web application penetration testing tools such as Burp Suite, OWASP ZAP, etc
• Familiarity with network penetration testing and tools like Nmap, Metasploit, Wireshark, FFUF.
• Proficiency in scripting languages (Python, Ruby, Perl, Bash)
• Fluent in English.
• Determined, passionate, and with a keen eye for detail.
• Be keen to learn day to day.
• Aptitude for teamwork in an international environment.

Ideally, you'll also have

• OSCP, BSCP, CPTS, CBBH, EMAPT or similar
• Knowledge of mobile application security testing: Static and dynamic analysis, Reverse engineering of APK files, familiarity with common mobile vulnerabilities (OWASP MAS Top 10).
• Knowledge of mobile Pentesting Tools: Frida, Jadx, ADB, MobSF
• Participation in Bug Bounty programs and CTFs, Hack the box, or similar activities. Happy to know your best achievements.
• Own research and presentations at congresses will be positively valued.

• Permanent contract.
• Hybrid options near our hub location in Málaga.
• Flexible work model that allows the conciliation between personal and work life.
• Intensive summer days and every Friday of the year.
• Possibility of accessing restaurant vouchers, nursery vouchers, staying active with Wellhub or transport benefits.
• Health Insurance 100% covered by the company.
• Work with leading Top-Notch customers.
• Discounts on major brands: textiles, consumer goods, electronics, travel agencies.
• Employee recognition programme KUDOS Awards.
• Fuel your day - Enjoy free coffee and healthy snacks in our offices.
• Global team, Global skills - We offer language training to help you connect, collaborate, and thrive across cultures.
• Grow With Us - Build your own career path with access to internal and external certification programs, exclusive cybersecurity events, and a vibrant learning culture that never stops evolving.

Since its foundation in 1925, the DEKRA promise has been to ensure the safety of human interaction with technology and the environment. The company currently employs around 49,000 people in more than 60 countries on all five continents.