Iterasec

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a talented and motivated Junior Pentester who will join our security team to work on penetration testing and vulnerability/cloud security assessment projects.

We expect a short motivation letter where you can explain your skills, achievements and motivation.

Required skills

- Solid non-commercial cybersecurity experience, such as HTB/THM

- Junior-level cybersecurity certifications would be a plus.

- Comfortable with basic application security testing and common vulnerabilities (like OWASP Top 10, CWE Top 25) and cybersecurity fundamentals

- Strong basic IT skills: Linux, networking (TCP/IP, DNS, HTTP etc.)

- Some experience in scripting/coding languages, such as Java, JS, Python, Shell, etc.

- Strong drive to learn and develop cybersecurity skills

- Technical English (Intermediate)

We offer

- Good salary + bonus system

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Support in obtaining professional certifications, such as BSCP, OSCP, eWPTX, cloud certifications, etc.

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Execute penetration tests and security assessments as part of a team, including internal/external networks, web and mobile applications, Windows and Linux environments, cloud architectures, IoT devices, and more

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Conduct security research

Iterasec works with clients worldwide, helping them find vulnerabilities and secure their products. Our projects range from mobile/web applications to complex modern cloud and automotive stacks. We work with both small product companies as well as Fortune 500 enterprises.

We are looking for a Middle/Senior Security Consultant / Penetration tester to work on and lead penetration testing and vulnerability/cloud security assessment projects.

In this role, you will work on technically challenging projects and also spend some time leading/mentoring our junior pentesting colleagues.

Required skills

- 1.5+ years of intensive commercial experience

- OSCP, eWPTx2 or similar would be a plus

- Scripting/coding skills and being comfortable with advanced pentesting tooling

- Strong knowledge of mobile/web security

- Comfortable with cloud and container security

- Basic RE skills

- Ability to mentor/lead colleagues

- Strong ability and drive to learn and develop cybersecurity skills

- Technical English (Intermediate+)

We offer

- Good salary + bonus system

- Diverse project portfolio and technologies to work with

- Rewarding environment: brilliant team ready to share knowledge and collaborate

- Courses and conferences which are relevant to the position are sponsored by the company.

- We are a remote-first company with full WFH support and a flexible work schedule.

Responsibilities

- Participate in various pentesting projects

- Lead junior colleagues

- Perform threat modeling in pentesting and security assessment projects

- Create assessment documentation and reports, clearly identifying vulnerabilities and associated remediation steps

- Consult clients on efficient issues remediation

- Conduct security researches

- Develop tools and scripts to automate and improve current pentesting processes

Location: EU Remote (Preferably Ukrainian speaking) 
Client: Tier-1 Global Tech Leader

About the Role: We are looking for a Security Engineer to act as the human intelligence layer for our client’s AI-driven security initiative. You will be responsible for triaging and validating potential security vulnerabilities across a massive variety of codebases (C#, C++, Rust, TypeScript, JS, etc.). 

This is a unique opportunity to work with high-maturity, top-notch source code at a global scale and help protect software used by billions. Your goal is to distinguish genuine security threats from false positives and provide actionable feedback to senior engineering teams.

Responsibilities:

• Perform deep-dive manual source code analysis on findings generated by AI and SAST tools.
• Determine the "exploitability" of a finding based on data-flow and control-flow analysis.
• Write clear, concise technical reports for developers explaining the vulnerability and why it is a true positive.
• Collaborate with the client to refine AI detection logic based on your triage results.

Requirements:

• 3+ years in Application Security, Security Research, or specialized Quality Assurance.
• The "Polyglot" Mindset: Demonstrated ability to read and understand multiple languages (C#, C++, TypeScript/JS are high priority).
• Deep understanding of common vulnerabilities, such as OWASP Top 10 and SANS Top 25 vulnerabilities.
• Demonstrable manual and SAST source code  review experience
• Education: Degree in CS, Cyber Security, or equivalent experience.
• Language: Professional English (B2).

Bonus Points:

• Pentesting experience and relevant certifications, such as OSCP, OSWE, or GWEB.
• Binary vulnerabilities