Job Brief:
We are seeking a highly skilled and detail-oriented Penetration Tester to identify, exploit, and report security vulnerabilities across our applications, systems, and networks. The ideal candidate will have hands-on experience in offensive security testing, a strong understanding of attack methodologies, and the ability to simulate real-world cyber threats to strengthen our security posture.

Key Responsibilities:

• Lead comprehensive penetration testing and security assessments across software applications to proactively identify and mitigate risks.
• Conduct vulnerability analysis, risk assessments, and security audits to ensure compliance with industry standards.
• Collaborate closely with development and architecture teams to provide actionable security insights throughout the SDLC.
• Develop and maintain detailed reports on security findings, remediation strategies, and best practices.
• Stay current with emerging cybersecurity threats, vulnerabilities, and testing methodologies.
• Design, implement, and execute automated security testing scripts and tools to enhance QA efficiency.
• Establish and refine QA and security processes to maintain the highest standards of software quality and protection.
• Participate in security incident response initiatives when necessary.
• Advise cross-functional teams on integrating security measures into product design and deployment.
• Maintain awareness and application of cloud security principles and best practices.
• Know Exploitation techniques (XSS, SQLi, SSRF, RCE)
• API security testing
• Mobile/Web pentesting specifics
• Red teaming exposure (optional but strong)

Tools & Technologies

• Hands-on experience with tools such as:
• Burp Suite
• OWASP ZAP
• Metasploit Framework
• Nmap
• MobSF (for mobile security testing)
• Other vulnerability scanners and exploitation tools

Qualifications & Expertise

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent practical experience).
• Proven experience in penetration testing / ethical hacking / offensive security.
• Strong understanding of:
• Web application architecture
• HTTP/HTTPS protocols
• Authentication mechanisms (OAuth, JWT, session-based auth)
• Knowledge of OWASP Top 10 vulnerabilities and exploitation techniques.
• Familiarity with security standards and frameworks (e.g., OWASP Testing Guide, NIST).
• Hands-on experience with scripting languages such as Python, Bash, or PowerShell.
• Strong analytical and problem-solving skills.
• Strong knowledge of network penetration testing methodologies
• Experience performing vulnerability validation and risk analysis

Certifications (Preferred)

• OSCP (Offensive Security Certified Professional)
• CEH (Certified Ethical Hacker)

What we look for beyond required skills
In order to thrive at VentureDive, you
…are intellectually smart and curious
…have the passion for and take pride in your work
…deeply believe in VentureDive’s mission, vision, and values
…have a no-frills attitude
…are a collaborative team player
…are ethical and honest

Are you ready to put your ideas into products and solutions that will be used by millions?
You will find VentureDive to be a quick pace, high standards, fun and a rewarding place to work at. Not only will your work reach millions of users world-wide, you will also be rewarded with competitive salaries and benefits. If you think you have what it takes to be a VenDian, come join us ... we're having a ball!

#LI-Hybrid