Gender: AnyAge: From 25 to 35Seniority Level: ExpertRequired Experience Year: Between 2 to 5 yearsWorking days: Saturday to WednesdayJob DescriptionAt blubank, we are seeking talented, dynamic, and enthusiastic individuals as a Penetration Testing Secialist to join our friendly and professional team. If you’re looking for a workplace where you can grow and continuously learn, this opportunity is for you!Responsibilities:Conduct comprehensive penetration testing of mobile applications, devices, and APIs to identify vulnerabilities and risks.Perform static (SAST) and dynamic (DAST) analysis of mobile applications.Exploit identified vulnerabilities to determine potential impacts and validate remediation.Risk Mitigation & Consulting:Provide expert guidance to developers and security teams to remediate identified vulnerabilities.Assist in defining security controls for mobile application development and deployment.Tooling & Innovation:Develop or customize tools/scripts for testing and exploit purposesStay updated on emerging threats, vulnerabilities, and security technologies specific to mobile ecosystemsCompliance and Standards:Ensure alignment with industry standards such as OWASP Mobile Security Testing Guide (MSTG), GDPR, PCI-DSS, or other relevant frameworks.Support compliance audits by providing evidence of testing and mitigations.Reporting & Documentation:Document findings in detailed technical reports, including vulnerability descriptions, risk levels, and remediation recommendations.Present assessment results to technical and non-technical stakeholders in clear and actionable formats.Collaborate with software development teams to address vulnerabilities during the development lifecycle.Engage with external auditors and clients to explain testing methodologies and findings when required.Qualifications:Bachelor’s degree in Computer Science, Information Security, or a related field.Relevant certifications (e.g., OSCP, CEH, GPEN, GWAPT, or CISSP).2-5 years of experience in web application penetration testing, vulnerability assessment, or a related field.Proven experience with tools such as Burp Suite, OWASP ZAP, Metasploit, and NessStrong knowledge of mobile operating systems (iOS, Android) and their security models.Proficiency in mobile app testing tools (e.g., Burp Suite, OWASP ZAP, MobSF, Frida, or JADX).Familiarity with reverse engineering and decompilation tools.Experience with secure coding practices and understanding of cryptography principlesFamiliarity with programming languages (Java or JS).Strong analytical and problem-solving abilities.Excellent written and verbal communication skills for technical and non-technical audiences.Ability to prioritize and manage multiple projects under tight deadlines.Benefits:Work from home optionFlexible working hoursTraining courses and professional development opportunitiesMilitary service project (Limited)Supplemental health insuranceTeam-building budgetPerformance-based bonusesLoansLunch subsidies