Internal Cybersecurity Penetration Tester

Job Description

The Cybersecurity Internal Penetration Tester will be responsible for conducting internal penetration tests on the bank’s infrastructure, applications, and controls.

Tasks

The main tasks include:

• Planning, scope, and execution of internal penetration tests on core banking platforms and business applications
• Development of test scenarios that correspond to realistic threat models
• Conducting hands-on tests on internal networks, servers, endpoints, web applications, APIs, cloud workstations, Active Directory, and other core infrastructure systems
• Documentation of results in clear, risk-based reports that include evidence and actionable recommendations for both technical and non-technical audiences
• Collaborate with infrastructure, development, DevOps, and risk teams to support remediation plans and post-fix testing
• Development and maintenance of internal testing methods, playbooks, and tools to support responsive and effective evaluations
• Collaborate with SOC or similar teams to identify and improve detection and response capabilities
• Stay up to date on emerging threats, vulnerabilities, TTPs, etc., and incorporate them into internal testing

Requirements

The requirements include:

• Background in cybersecurity, computer science, or related fields
• 3–5 years of hands-on experience in penetration testing or red teaming, with a proven track record of working on internal networks, web applications, and APIs
• Strong understanding of network protocols, operating systems (Windows, Linux), and web and cloud technologies
• Familiarity with common offensive tools and techniques (e.g., Burp Suite, Metasploit, Cobalt Strike-like frameworks, Kali-based tools)
• Solid understanding of secure coding practices and common application vulnerabilities (e.g., OWASP Top 10)
• Professional certifications such as OSCP, GCPW, or similar offensive security certifications that are current
• Strong communication skills and the ability to explain complex technical findings to both technical and non-technical audiences

We offer

We provide a supportive environment where your contributions are valued and recognized. Our values include:

• Responsibility: Taking responsibility for tasks and challenges, and continuous improvement
• Hands-on: Proactive delivery of high-quality results
• Passion: Commitment and pursuit of excellence
• Solution-oriented: Focus on customer results and fair treatment of customers with a risk-aware attitude
• Partnership-oriented: Promoting cooperation and teamwork