Senior Ethical Hacker (PenTester)

SoftServe is a global digital solutions company with headquarters in Austin, Texas, founded in 1993. Our associates are currently working on 2,000+ projects with clients in the USA, Europe, and LATAM region. We are about people who create bold things, who make a difference, who have fun, and who love their work.

Our Critical Services Center of Excellence (CoE) is a group of passionate technologists specializing in software architecture, startups, and enterprise platforms. As part of SoftServe's Cybersecurity Practice Team, we help clients build trust in their systems by delivering reliable, tailored security solutions. We don't just identify gaps – we guide organizations through every step of the improvement journey, making sure they're equipped to handle today's threats and tomorrow's challenges.

With deep expertise across a wide range of technologies, we adapt our approach to meet each client's unique needs. Our team covers a broad spectrum of cybersecurity domains: Cost Optimization & Migration Efficiency, Infrastructure and Application Modernization, Regulatory Compliance & Governance Excellence, Security Posture Strengthening, Data Protection and Privacy Assurance, and Secure Use of AI.

We are a diverse, distributed team with members based in Poland, Ukraine, Spain, and other European countries, collaborating across borders to deliver world‑class cybersecurity solutions.

• An expert with 5+ years in cybersecurity testing, with practical knowledge across various security domains: mobile security, web assessment, network infrastructure, cloud security (AWS, GCP or Azure), binary security
• Skilled in identifying security vulnerabilities in platforms and providing actionable recommendations to mitigate risks effectively
• Experienced in DAST & SAST & IAST methodologies
• Aware of industry threats, vulnerabilities, and standards: OWASP Top 10/SANS 25, PCI, HIPPA, GDPR and current AI security trends
• A specialist in network protocol analyzing, investigation unknown security vulnerabilities (0‑days) or reproducing the known one (1‑st days)
• An owner of CISSP, CISA, CEH, OSCP, or other information security certifications (nice to have)
• Showcasing practical experience in AI security (as a win)
• An expert in reverse engineering and exploitation (as an advantage)
• Fluent in English (Upper‑intermediate level) and comfortable in a multicultural environment
• Exceptional in both verbal and written communication, capable of leading and influencing virtual teams

• Perform penetration testing for network, infrastructure, and different types of applications: web applications, web services, mobile applications, and thick client applications
• Perform a security audit of application and infrastructure: designs, source code, integration, and security requirements
• Perform Red Team activities, such as social engineering, and simulation of security incidents to assess the effectiveness of the incident response
• Develop and implement threat modeling processes that help identify potential security risks at early stages of development
• Collaborate with development teams to integrate security throughout the SSDLC, promoting secure coding standards and best practices
• Lead and mentor a team focused on application security, providing guidance on secure coding practices, threat modeling, and risk assessments
• Lead the pre‑sales and suggest best security approaches based on client’s business need
• Investigate the industry trends, emerging threats, and best practices to continually improve the the security posture

• Cooperate with the world‑leading companies and people
• Cover a big range of projects and clients
• Have a variety of projects with different types of needs and requirements
• Work towards giving you a highly independent position with total ownership and accountability, but also support when needed
• Get a great deal of learning and development opportunities along our structured career path
• Work with experts in application security, security engineering and governance risk and compliance

SoftServe is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, age, sex, nationality, disability, sexual orientation, gender identity and expression, veteran status, and other protected characteristics under applicable law. Let’s put your talents and experience in motion with SoftServe.

Enjoy our Flexible Workplace – work from home, or in any office of your country!