Penetration Tester with strong Web focus - Copenhagen – itm8

at  itm8

We are on the hunt for a Penetration Tester with strong skills in web penetration testing, API security testing, application security testing and mobile application security testing. If you have got the chops, practical experience, and the certifications to back it up, we really want you on our team!

We can offer you:

• A strong and unique culture that values a healthy and social work environment, with a standard 37-hour work week
• A targeted budget for training, courses, certifications, and conferences
• Opportunities to work with enterprise clients on interesting projects alongside skilled technical colleagues
• Monthly “Nerd Days” during office hours for exploring and developing your interests
• Colleagues who LOVE “weird” brains. That’s why we hack stuff, and great minds don’t think alike

About Cyber Security in itm8
In Cyber Security, we provide expert advice and consultancy within Red Team, Blue Team, Incident Response, and Strategic Security Advisory. We also operate our own Cyber Defence Center.
Our goal is to become the leading full-service Cybersecurity firm in consultancy and security services. We boast a strong client portfolio and strive to be the best workplace for IT security professionals.
About the job

As a penetration tester with target focus your primarily responsibilities will be on the four topics below:

• Conduct comprehensive penetration testing on web applications, APIs, client systems, and mobile platforms.
• Identify and exploit vulnerabilities, including SQL injection, XSS, CSRF, authentication issues, and API misconfigurations.
• Write detailed reports of findings, outlining risks, impacts, and recommendations for remediation.
• Stay updated with the latest cybersecurity trends, tools, and attack vectors.

Day-to-day duties

• Tear apart web applications to identify vulnerabilities
• Identify flaws in APIs
• Analyze applications for potential security weaknesses
• Detect security flaws in client systems. (devices)
• Follow the best practices of OWASP and the MITRE ATT&CK framework
• Stay sharp with the latest industry best practices and certifications

Skills we are looking for in this role
You likely have experience from another consultancy company and possess 3-5 years of experience in a similar role. The skills below are samples of what we are looking for.

Qualifications:

• Certifications: Must have top-tier certs like OSCP, GPEN, GWAPT, CPTS, CWEE
• Proven track record in penetration testing
• Consulting: Ability to deliver professional consulting services and build solid client relationships
• Technical Proficiency: Deep understanding of security protocols, encryption, and secure coding practices
• Communication: Excellent verbal and written communication skills – both Danish and English
• Willing to work with time-boxed assignments
• Dedicated to helping clients and supporting the company’s mission of delivering quality service while maintaining profitability

Process & application
If you think you have got what it takes, please send us your resume and a cover letter detailing your experience and certifications as soon as possible. If you have any questions before you apply, please do not hesitate to contact Christoffer Bech by mail chbec@itm8.com.
We invite candidates for interviews on an ongoing basis and close the position once we have found the right candidate.
Since we work in Cyber Security, a clean criminal record is required.
The position requires physical presence, but you will have the opportunity for remote work days too.
We look forward to hearing from you!
Lidt info om den afdeling, du skal arbejde i
I Cyber Security leverer vi rådgivning i cybersikkerhed både indenfor strategi, analyse, test, software, uddannelse, overvågning og efterforskning. Vi har udviklet vores egne governance-modeller, der sikrer udførlige backups, tester sikkerhedsopsætningen og tilbyder medarbejderuddannelse.
Vi udbyder både grundlæggende sikkerhedsservices som Baseline Security samt skræddersyede løsninger indenfor strategisk IT-sikkerhed.
Vores mål er at blive det førende full-service cyber security-hus inden for rådgivning og sikkerhedsservices. Vores kundeportefølje tæller blandt andet NORLYS, Region Syddanmark, Forbrugerrådet Tænk, Bech-Bruun, SEGES Innovation og Business Danmark.
Er du klar til at blive en itm8?
itm8 er et fællesskab bestående af mere end 1800 IT-specialister, der arbejder inden for Cloud & Infrastructure, Cyber Security og Digital Transformation. Vi er på en vækstrejse og opererer pt. i Danmark, Sverige, Tyskland, Tjekkiet og på Filippinerne.
Nogle af os er hardcore kodere, mens andre er veltalende konsulenter eller strukturerede projektledere. I bund og grund er vi alle forskellige, men fælles er vores passion for at skabe god IT sammen som ét hold – og have det sjovt, mens vi gør det.
Vores vision er at blive den mest attraktive arbejdsplads for ambitiøse IT-professionelle. Vi stræber ganske enkelt efter at være den bedste arbejdsplads for alle itm8’ere. Har du lyst til at lære mere om at være en itm8

As a penetration tester with target focus your primarily responsibilities will be on the four topics below:

• Conduct comprehensive penetration testing on web applications, APIs, client systems, and mobile platforms.
• Identify and exploit vulnerabilities, including SQL injection, XSS, CSRF, authentication issues, and API misconfigurations.
• Write detailed reports of findings, outlining risks, impacts, and recommendations for remediation.
• Stay updated with the latest cybersecurity trends, tools, and attack vectors

Day-to-day duties

• Tear apart web applications to identify vulnerabilities
• Identify flaws in APIs
• Analyze applications for potential security weaknesses
• Detect security flaws in client systems. (devices)
• Follow the best practices of OWASP and the MITRE ATT&CK framework
• Stay sharp with the latest industry best practices and certification