About the Role:This role is ideal for security professionals who excel at uncovering vulnerabilities and transforming them into meaningful attack scenarios. You will work across Web, Mobile, and Cloud environments to identify real risks, demonstrate their impact, and guide teams toward effective remediation. If you think like an attacker and strive to build stronger defenses, this position is made for you. Responsibilities:- Lead and perform in-depth penetration testing across multiple environments, including Web Applications, Mobile Applications (i OS/Android), Cloud infrastructures (AWS/GCP), and complex internal systems.- Conduct advanced security assessments targeting APIs and IAM mechanisms, diving into the core componentsof modern applications to identify and exploit high-impact vulnerabilities.- Think like an attacker and act like a defender by not only finding isolated issues but also chaining vulnerabilities(e.g., turning a small XSS into full system compromise through logic abuse) to present realistic attack scenarios.- Deliver high-quality, detailed security reports with clear evidence and actionable remediation recommendations,contributing directly to strengthening the company’s overall security posture. Requirements:- Minimum 4 years of hands-on penetration testing experience.- Strong expertise in Web Application Security; deep understanding of OWASP Top 10 and advanced vulnerabilities(Blind Injections, Logic Flaws, Insecure Deserialization, API/Graph QL issues).- Solid experience in Mobile Security, including static/dynamic analysis using tools such as Frida and Mob SF;strong understanding of storage, network communication risks, and anti-reverse mechanisms.- Knowledge of Cloud Security on AWS or GCP, including exploitation of misconfigurations, overly permissive IAMroles, insecure S3 buckets, etc.- Proficiency with Burp Suite/Pro; ability to develop custom tools or scripts using Python/Bash/Power Shell.- Hunter mindset: strong ability to chain vulnerabilities and assess escalation impact. Nice to have- Experience in client, server, anti-cheat - a significant plus.- Relevant certifications: OSWE, CWES/CWEE, PWPE, PMPA, CMSE, ASCP, GMOB, GWAPT, GCPN, etc.- Strong bug bounty track record (Hacker One, Bugcrowd) or ownership of CVEs. Why you'll love working here?- Fair Pay, Real Impact: We offer a compensation package that grows with your value.- Relocation? Covered. Flights and visa support are on us.- Gear Up: Mac Book, i Phone - everything you need to hit the ground running.- Keep Leveling Up: Learn fast, grow faster - we invest in your skills, both hard and soft.- No Ego, Just Energy: Work with people who care, share, and build cool things together.Why you'll love working here?- Fair Pay, Real Impact: We offer a compensation package that grows with your value.- Relocation? Covered. Flights and visa support are on us.- Gear Up: Mac Book, i Phone - everything you need to hit the ground running.- Keep Leveling Up: Learn fast, grow faster - we invest in your skills, both hard and soft.- No Ego, Just Energy: Work with people who care, share, and build cool things together.