Penetration Tester with strong Web focus - Copenhagen – itm8

We are on the hunt for a Penetration Tester with strong skills in web penetration testing, API security testing, application security testing and mobile application security testing. If you have got the chops, practical experience, and the certifications to back it up, we really want you on our team!

We can offer you:

• A strong and unique culture that values a healthy and social work environment, with a standard 37-hour work week

• A targeted budget for training, courses, certifications, and conferences

• Opportunities to work with enterprise clients on interesting projects alongside skilled technical colleagues

• Monthly "Nerd Days" during office hours for exploring and developing your interests

• Colleagues who LOVE “weird” brains. That’s why we hack stuff, and great minds don’t think alike

About Cyber Security in itm8
In Cyber Security, we provide expert advice and consultancy within Red Team, Blue Team, Incident Response, and Strategic Security Advisory. We also operate our own Cyber Defence Center.

Our goal is to become the leading full-service Cybersecurity firm in consultancy and security services. We boast a strong client portfolio and strive to be the best workplace for IT security professionals.

About the job
As a penetration tester with target focus your primarily responsibilities will be on the four topics below:

• Conduct comprehensive penetration testing on web applications, APIs, client systems, and mobile platforms.
• Identify and exploit vulnerabilities, including SQL injection, XSS, CSRF, authentication issues, and API misconfigurations.
• Write detailed reports of findings, outlining risks, impacts, and recommendations for remediation.
• Stay updated with the latest cybersecurity trends, tools, and attack vectors.

Day-to-day duties

• Tear apart web applications to identify vulnerabilities
• Identify flaws in APIs
• Analyze applications for potential security weaknesses
• Detect security flaws in client systems. (devices)
• Follow the best practices of OWASP and the MITRE ATT&CK framework
• Stay sharp with the latest industry best practices and certifications

Skills we are looking for in this role
You likely have experience from another consultancy company and possess 3-5 years of experience in a similar role. The skills below are samples of what we are looking for.

Qualifications:

• Certifications: Must have top-tier certs like OSCP, GPEN, GWAPT, CPTS, CWEE
• Proven track record in penetration testing
• Consulting: Ability to deliver professional consulting services and build solid client relationships
• Technical Proficiency: Deep understanding of security protocols, encryption, and secure coding practices
• Communication: Excellent verbal and written communication skills – both Danish and English
• Willing to work with time-boxed assignments
• Dedicated to helping clients and supporting the company's mission of delivering quality service while maintaining profitability

Process & application
If you think you have got what it takes, please send us your resume and a cover letter detailing your experience and certifications as soon as possible. If you have any questions before you apply, please do not hesitate to contact Christoffer Bech by mail [email protected].

We invite candidates for interviews on an ongoing basis and close the position once we have found the right candidate.

Since we work in Cyber Security, a clean criminal record is required.

The position requires physical presence, but you will have the opportunity for remote work days too.

We look forward to hearing from you!