Web Penetration Tester
Cyrex
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇧🇷 Brazil
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
CloudGraphQLPython
About the role
- Penetration testing of web apps, mobile apps and REST & GraphQL APIs.
- Review source code for security issues.
- Assess mobile app protections (certificate pinning, jailbreak/root detection, code obfuscation) and backend integrations.
- Produce clear reports with PoCs and remediation guidance; verify fixes.
Requirements
- 5+ years in web and mobile penetration testing.
- Strong OWASP Top 10 knowledge.
- Basic cloud security knowledge.
- Manual testing first mindset, deep burp suite knowledge.
- Reporting: clear flaws write-ups.
- Source code review skills: sinks/sources, ability to spot misconfigurations.
- Working knowledge of
- Basic python skills.
- Frida, apktool, jadx
- Burp suite plugins creation would be a plus.
Benefits
- An opportunity to hone and improve your skills by applying them to a diverse variety of gaming projects
- The chance to work closely with a team of like-minded creative professionals in a fast-paced, multicultural environment on a variety of gaming projects
- A competitive salary
- Ongoing training and professional self-improvement opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
penetration testingsource code reviewmobile app securityweb app securityREST APIsGraphQL APIsmanual testingPythonBurp SuiteOWASP Top 10
Soft skills
report writingcommunicationproblem-solving