Penetration Tester in Bucuresti

For one of our key Clients we're looking for an expert specialist for the position of: Senior Automation Tester (Python + Security)   Terms of engagement:   Area:  Consulting IT (project for transportation area) Localisation:  100% remote Start:  ASAP (max 3 months notice period) Salary rate (determined individually):   120 - 135 PLN net + VAT / h Terms:  B2B (outsourcing via 1dea), full-time, long-term   Recruitment process (100% remotely): Phone "hello" interview with 1dea recruitment consultant (~10 min) Technical and business conversation with our Client (approx. 1 hour) Decision to cooperate Scope of duties: Understand Security Needs:  Collaborate with architects and product owners to define security requirements and limitations. Craft Security Tests:  Design test scripts using security tools (Burp Suite, OWASP ZAP) to comprehensively cover all security aspects. Build Security Frameworks:  Develop, implement, and document reusable security testing frameworks for efficient testing. Execute Security Testing:  Conduct various tests (vulnerability assessments, threat modeling) for both on-premise and cloud environments using chosen tools and methodologies. Report & Mitigate Risks:  Identify, document, analyze vulnerabilities, threats, and risks; recommend solutions; monitor security trends and report findings to stakeholders.   Requirements: Experience: Minimum 3 years of hands-on experience  applying security testing practices. Proven track record  in securing backend, API, and web service applications. Technical Skills: Strong understanding  of security testing tools (Burp Suite, OWASP ZAP, etc.). Ability to automate  security testing using scripting languages (Python preferred). Expertise in security analysis  and designing effective security tests. Experience with  security monitoring and diagnostic tools (SIEM systems). Security-focused knowledge of  messaging protocols and API technologies. Proficiency in Unix/Linux with a focus on secure configurations  and best practices. Practical experience with  automated testing frameworks (Selenium WebDriver, Cypress, Playwright). Working knowledge of SQL and relational databases  from a security perspective. Certifications & Methodologies: Industry-recognized security certification  (ISTQB Security Tester, CompTIA Security+, etc.). Solid grasp of networking technologies  including encryption, load balancing, and firewalls. Experience following established security testing methodologies and processes. Reporting & Integration: Proven ability to create comprehensive security test reports  with actionable findings and recommendations. Familiarity with DevSecOps tools  (Bitbucket, Jenkins, GitLab) for integrating security testing into the CI/CD pipeline. We offer: A transparent model of long-term cooperation (B2B contract for an indefinite period) Stable and safe involvement in a company with a solid market position Modern equipment provided by the company, along with software and configuration Flexible working hours Possibility to work remotely 100% of the time Professional advice and career support by a team of experienced specialists A mature and sustainable design ecosystem Good atmosphere in the team - values such as camaraderie, openness, respect, mutual help and support in development are important to us We try to work in the spirit of Agile, which we understand as: continuous improvement, effective cooperation and the use of an empirical approach during the development of manufactured products We support a culture of creativity - each team member has the opportunity to propose their own ideas or solutions - you will always be listened to and your suggestions will be taken into account