At a Glance
- Tasks: Lead advanced penetration tests and tackle complex security challenges for top global companies.
- Company: Join Alice, a cutting-edge trust and safety company in the AI era.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Other info: Dynamic environment with opportunities to contribute to groundbreaking security solutions.
- Why this job: Make a real impact in cybersecurity while working with innovative technologies.
- Qualifications: 3+ years in application security, with expertise in API testing and OWASP Top 10.
The predicted salary is between 60000 - 80000 € per year.
We are seeking a highly motivated and technically proficient Senior Penetration Tester to join our security research division. This role is dedicated to performing advanced offensive security assessments against the biggest companies in the world. You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems.
What you’ll do:
- Lead and execute comprehensive, technically rigorous penetration tests targeting complex web applications, modern API architectures, and enterprise systems for organizations with significant global presence.
- Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints, development of novel bypass techniques for established security controls, and lateral movement within target environments.
- Contribute substantively to the design, development, and maintenance of proprietary internal security tools and automation frameworks to enhance the efficacy and efficiency of offensive operations.
Requirements:
- Minimum of 3 years of proven, hands-on experience in application security analysis, with a heavy emphasis on complex API penetration testing and a mastery of the OWASP Top 10 landscape.
- Strong experience with static and dynamic analysis of Android and iOS applications, including hands-on experience with techniques like detours, hooking, and runtime code manipulation.
- Deep, hands-on knowledge of the latest tactics, techniques, and procedures (TTPs) used in advanced penetration testing and network analysis.
- Ability to author comprehensive and technically rigorous reports detailing identified vulnerabilities and research outcomes.
Nice to have:
- OSCP, OSWE, eWPTXv2, CRTP, or other high-level offensive certifications.
- Hands-on experience with industry-standard reversing tools like JADX, Ghidra, or IDA Pro.
- Demonstrated online achievements, write-ups, or contributions on platforms such as HackTheBox, Pwn2Own, TryHackMe, Bug Bounty programs, or published security research.
Application Security Researcher employer: ActiveFence Ltd
At Alice, we pride ourselves on being an exceptional employer that fosters a culture of innovation and collaboration. Our team members enjoy a dynamic work environment where they can engage in cutting-edge security research while benefiting from continuous learning opportunities and professional growth. Located at the forefront of AI safety, we offer unique advantages such as access to advanced tools and projects that challenge and expand your skill set, making it a truly rewarding place to advance your career.
StudySmarter Expert Advice🤫
We think this is how you could land Application Security Researcher
✨Tip Number 1
Network like a pro! Attend industry meetups, conferences, or online webinars. Engaging with fellow security enthusiasts can lead to job opportunities that aren’t even advertised yet.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your penetration testing projects, write-ups, or contributions to platforms like HackTheBox. This gives potential employers a taste of what you can do.
✨Tip Number 3
Don’t just apply; stand out! When applying through our website, tailor your application to highlight your experience with API penetration testing and the OWASP Top 10. Make it clear why you’re the perfect fit for the role.
✨Tip Number 4
Prepare for interviews by brushing up on the latest TTPs in penetration testing. Be ready to discuss your hands-on experiences and how you’ve tackled complex security challenges in the past.
We think you need these skills to ace Application Security Researcher
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the role of Application Security Researcher. Highlight your experience with penetration testing, API security, and any relevant certifications. We want to see how your skills match up with what we're looking for!
Showcase Your Projects:If you've worked on any cool projects or have contributions on platforms like HackTheBox or Bug Bounty programs, make sure to include them! This shows us your hands-on experience and passion for security research.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're excited about this role and how your background makes you a great fit. Be genuine and let your personality come through—we love that!
Apply Through Our Website:Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it helps us keep everything organised on our end.
How to prepare for a job interview at ActiveFence Ltd
✨Know Your Stuff
Make sure you brush up on the OWASP Top 10 and be ready to discuss your hands-on experience with API penetration testing. Be prepared to share specific examples of past projects where you identified vulnerabilities or developed bypass techniques.
✨Show Off Your Tools
Familiarise yourself with industry-standard reversing tools like JADX, Ghidra, or IDA Pro. If you've used them in your previous roles, be ready to explain how they helped you in your assessments and what insights you gained from using them.
✨Be a Problem Solver
Since this role requires a knack for research and problem-solving, think of scenarios where you faced challenges during penetration tests. Prepare to discuss how you approached these problems and the innovative solutions you implemented.
✨Communicate Clearly
You’ll need to author comprehensive reports detailing your findings, so practice explaining complex technical concepts in simple terms. During the interview, demonstrate your ability to communicate effectively, as this will be crucial in your role.
