Open position at NN IT HUB Prague

Penetration Tester

Work schedule
Karla Engliše 3201/6, 150 00 Praha 5-Smíchov, Česko

We are a team of international IT security professionals and ethical hackers with deep knowledge of application security and real curiosity of how things work. We are looking for a Penetration Tester who will help us to find security vulnerabilities of web/mobile applications, underlying (cloud/traditional) infrastructure, and help to simulate various cyber-attack scenarios. We are offering a high degree of autonomy. Your professional growth will be actively supported with opportunities to take part in domain-relevant training and conferences. If you have a higher goals, there's a possibility to become a service lead in the near future.

Job is closed for applications

Your typical day will be about:

  • Perform penetration tests of web or mobile applications (DAST)

  • Perform secure source code reviews (SAST) of a web or mobile applications
  • Plan and execute scenario-based tests simulating selected threat
  • Verification of responsible disclosure submissions
  • Knowledge transfer to application developers
  • Mentoring of junior colleagues
  • Work on improvement of the Penetration Testing services

          Daniel Joščák


          Offensive Security Manager
Daniel Joščák
Offensive Security Manager

What do you need for this role?

Need to have:

  • Experience with application penetration testing according to the OWASP ASVS standard

  • Certification from Offensive Security (OSCP, OSWE)
  • Good English communication skills
  • Good understanding of security principles and web technologies
  • Experience with source code review or mobile application or infrastructure testing
  • Curiosity, Problem solving attitude, willingness to always learn more

Nice to have:

  • Experience with developing web applications (preferably .NET languages, Java, and JavaScript)

  • Experience with SSDLC, cloud security or DevSecOps
  • Ability to transfer knowledge to other team members and penetration tests requestor
  • Community contributions like development or improvement of domain-relevant tooling, CTF writeups, published security research in form of a blog, CVE advisories, or in other public form

Why join us?

  • You can be part of an internal security team which has impact on the quality of corporate environment

  • Possibility to improve your hard and soft skills via trainings and certifications
  • International team – possibility to use English on daily bases
  • New modern office in the Anděl, however nowadays we're working mostly from home
  • Other benefits such as language courses, iPhone 11, MultiSport Card, Cafeteria program...

I base everything I do on human values. Our values Care, Clear and Commit have always been close to my heart.

Ronald Lipták, CEO

Does it sound like a #dreamjob to you? Let us know, we are looking forward to talk to you! 👍

Job is closed for applications