Advanced Penetration Tester (m/f/d)

Since its foundation in 1925, the DEKRA promise has been to ensure the safety of human interaction with technology and the environment. The company currently employs around 49,000 people in more than 60 countries on all five continents.

We have a clear and ambitious vision of the future. The vision for our 100th birthday in 2025 is to see DEKRA as the global partner for a safe world.

Within our Cybersecurity Hub, we are responsible for performing product security evaluations for the most important manufacturers worldwide.

We're growing a team of offensive security specialists focused on testing some of the most secure and widely used products in the world. This is your chance to step beyond traditional pentesting and dive into deep technical work involving fuzzing, reverse engineering, vulnerability analysis, and hands‑on device testing.

• Perform in-depth security assessments of highly secured devices, applications, embedded systems, and connected ecosystems.
• Design and execute advanced attack scenarios using fuzzing, static/dynamic analysis, side‑channel exploration, and protocol manipulation.
• Reverse engineer firmware and binaries to identify subtle implementation flaws and complex vulnerabilities.
• Explore attack surfaces across multiple layers (hardware, firmware, OS, apps, network stacks, etc.).
• Build or customize tools to support complex testing strategies, including device emulation, virtualization, or interface‑level testing.
• Support certification, evaluation, and compliance efforts by providing technical findings and insights.
• Collaborate with internal teams to improve methodologies, develop new testing frameworks, and guide secure development practices.

• +5 years of demonstrated experience in penetration testing.
• Computer Science, Telecommunication, or equivalent Bachelor's degree.
• Demonstrated hands‑on experience with Linux.
• Proficiency with network penetration testing and tools like Nmap, Metasploit, Wireshark, and Netcat.
• Proficiency in Python and C/C++ (additional scripting languages are a plus).
• Hands‑on experience with fuzzing frameworks (libFuzzer, AFL, Honggfuzz, QEMU‑based fuzzers, etc.).
• Strong skills in binary analysis, reverse engineering (IDA Pro, Ghidra, Binary Ninja), and exploit development.
• Familiarity with secure boot, trusted execution environments, mobile platforms, or automotive systems is highly desirable.
• Comfortable working with physical hardware (JTAG/UART/SWD, logic analyzers, etc.) and debugging complex issues at the system level.
• Clear and concise technical reporting and communication skills in both English and Spanish.
• Determined, passionate, and with a keen eye for detail.
• Be keen to learn day to day.
• Aptitude for teamwork in an international environment.

• CEH, OSCP or similar
• Participation in CTFs, Hack the box, or similar activities. Happy to know your best achievements.
• Own research and presentations at congresses will be positively valued.

• Permanent contract.
• Hybrid and flexible work model that allows the conciliation between personal and work life.
• Intensive summer day and every Friday of the year.
• Possibility of accessing restaurant vouchers, nursery vouchers, private medical insurance and Wellhub.
• Healthy snacks and free coffee in our offices.
• English lessons to increase your level if it is needed.
• Our employees have an opportunity to develop a career plan with access to different certification programs (internal and external) as well as participate in cybersecurity events within the community and engage in a learning culture and more!
• Work with leading Top-Notch customers.
• Discounts on major brands: textiles, consumer goods, electronics, travel agencies.

Hybrid options near our Hub locations in Málaga.

We offer you an excellent opportunity to grow and develop your career in a leading multinational organization.

For more info about us or what we do, visit www.dekra.com.