We’re looking for an experienced Application Penetration Tester to join our team!

Job description 

As a Penetration Tester, you will be responsible for assessing and improving the security of our clients' IT systems, web applications, and infrastructure. In this role, you will lead the technical execution of client projects and handle communication and coordination with both the client and our internal team. Working alongside the Service Manager, you will ensure the successful delivery of projects and the final reporting.

Main responsibilities:

• Performing penetration tests on various environments and systems.
• Conducting risk assessments and preparing detailed security reports.
• Participating in project meetings, including kickoff, status updates, and final review meetings.
  
  

What we expect from you:

• Ability to quickly grasp complex technical environments where HTTP plays a central role (web and mobile applications, REST APIs, and IoT technologies).
• Proficiency in identifying vulnerabilities based at least on the OWASP Top 10 in web applications.
• Skill in exploiting vulnerabilities, including the use of XSS, XSRF, and SSRF payloads.
• Efficiency in using industry-standard tools, such as virtual machines, Burp Suite / ZAP, nmap, sqlmap, ffuf, and Kali Linux.
• Ability to report security findings clearly in both Finnish and English.
  
  

Bonus points for:

• Relevant information security certifications, such as GPEN, GWAPT, OSCP, OSCE, or equivalent.
• A background in programming or development (e.g., Python, JavaScript, Java, etc.).
• The ability to perform effectively under pressure and handle tight deadlines.
  
  

What we offer you:

• An interesting and versatile role at the forefront of cybersecurity.
• Opportunities for professional growth to further develop your expertise as a cybersecurity specialist.
• Meaningful work as you help build a safer world for global business.
• A responsible position working with prestigious and well-known clients – feel free to explore our references on our website.
• A flat hierarchy and a communal team that enjoys spending time together, even outside of work hours.
• A stable employer providing high-level technological expertise to its customers.
• The freedom of flexible work, allowing you to work where you are most productive – whether remotely or at our office on Kalevankatu, Helsinki.
• Competitive benefits, including a lunch benefit on top of your salary, as well as sports and culture vouchers.
  
  

Please send your application and CV to careers@silverskin.com

Recruitment process:

• Initial remote interview: A first look at your background and expectations.
• Pentest challenge & reporting: A practical technical assignment where you can showcase your skills and reporting abilities.
• Interview with Silverskin (Live or Remote).
• Second interview round.
• Recruitment decision.
  
  

Founded in 2009, Silverskin is a cyber-attack company specializing in application security and continuous security testing. We help organizations understand the data risks posed by technology by providing an up-to-date situational awareness of vulnerabilities within their technical environments.

As a result, our clients achieve an optimal level of cybersecurity based on realistic vulnerability data and a deep understanding of risks. At the same time, we enable our clients to enhance their security posture and product quality, reduce unforeseen costs, and meet their business requirements.

Our community consists of over 20 professionals united by a shared passion and curiosity for all things security. We combine these traits with sharp problem-solving skills, logical thinking, and high ethical standards.