Penetration Tester - Web, API & Cloud Security(Equity Only)

HolistiQ Holdings
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 82K

Job location

Remote

Tech stack

API
Amazon Web Services (AWS)
Business Logic
Software System Penetration Testing
User Authentication
Azure
Bash
Burp Suite
Cloud Computing
Cloud Computing Security
Databases
Identity and Access Management
Mobile Application Software
Python
Network Security
NMap
Open Web Application Security
Powershell
Regression Testing
Comptia Pentest+ CE
Secure Coding
Web Application Security
SQL Injection
Software Vulnerability Management
Web Applications
Web Platforms
Software Security
Kubernetes
Metasploit
Devsecops
Docker
Vulnerability Analysis

Job description

HolistiQ Technologies is seeking a skilled Penetration Tester / Ethical Hacker to identify, exploit, document, and help remediate security vulnerabilities across web applications, APIs, cloud infrastructure, authentication systems, databases, mobile applications, and digital platforms.

You will work alongside software engineers, technical architects, and cybersecurity professionals to secure projects throughout development, launch, and ongoing production operation., * Conduct web application, API, cloud, infrastructure, and mobile penetration testing.

  • Identify and safely exploit vulnerabilities, authentication flaws, broken access controls, API vulnerabilities, and business logic weaknesses.
  • Perform vulnerability assessments, security testing, exploit validation, and security regression testing.
  • Test against OWASP Top 10 and OWASP API Security Top 10 vulnerabilities.
  • Produce professional penetration testing reports with evidence, severity ratings, business impact, and remediation recommendations.
  • Retest vulnerabilities and verify security fixes.
  • Perform security testing following material platform updates and production changes.
  • Immediately escalate critical vulnerabilities and security incidents.
  • Work collaboratively with developers and security teams to improve application and infrastructure security.
  • Conduct all testing within documented scope and written Security Testing Authorisations.

Requirements

Practical experience in penetration testing, ethical hacking, vulnerability assessment, web application security, API security, network security, cloud security, Burp Suite, Nmap, OWASP, authentication testing, access control testing, exploit validation, vulnerability remediation, and technical security reporting.

Experience with AWS, Azure, Docker, Kubernetes, CI/CD security, mobile application security, secure code review, Python, Bash, PowerShell, Metasploit, SQL injection testing, privilege escalation, or DevSecOps is advantageous.

Certifications such as OSCP, OSWE, OSEP, BSCP, CREST, PNPT, CompTIA PenTest+, Security+, eJPT, eCPPT, or equivalent practical experience are desirable but not essential.

Benefits & conditions

Successful candidates will be appointed as Contributor Members and participate in a profit-sharing model under which 60% of Net Profit from Projects is allocated collectively to eligible Contributor Members and distributed based on level of seniority and participation.

This is not a traditional employment opportunity. We are looking for someone who wants to help build, protect, and scale innovative technology platforms while sharing in the long-term value they create.

The salary field shown on Indeed is a platform requirement and should be treated as a placeholder only.

Pay: £30,471.56-£81,672.68 per year

Apply for this position