Senior Security Engineer

Senior Application Security & Penetration Testing Engineer – Web & Mobile Security📍 Remote | 🕒 Full-time (Long‑term Contractor)About the Company 🌐A fast‑growing global cybersecurity company is building advanced security capabilities at the intersection of application security and blockchain technology.

The company delivers security services across web, mobile, cloud, and modern application environments, supporting clients operating mission‑critical systems worldwide. 🌍By combining deep technical expertise with ongoing research and tooling development, the organisation delivers high‑impact security assessments, penetration testing, and security reviews for complex, real‑world platforms. 💻🔐 It is strongly committed to security excellence, transparency, and continuous innovation. ✨Role Overview 🚀This opportunity is ideal for a hands‑on senior application security professional with strong penetration testing experience across web and mobile applications.

The role is highly technical and delivery‑focused, offering exposure to a wide range of systems including modern APIs, cloud infrastructure, and emerging Web3 environments. 🧠 The successful candidate will work directly on security assessments while also contributing to research, tooling, and community initiatives.

This is a high‑impact role requiring strong offensive security skills, clear communication, and a passion for improving application security at scale. 🤝Key Responsibilities 📋🔍 Application Security & Penetration TestingPerform security assessments of web, mobile, thick‑client applications, and browser extensions.

Conduct external and internal network penetration tests.

Identify complex vulnerabilities including logic flaws, authentication issues, and privilege escalation paths.

Carry out security-focused source code reviews, particularly for JavaScript and TypeScript codebases.☁️ Cloud SecurityConduct cloud security reviews across AWS, Azure, and/or GCP.

Assess IAM configurations, access controls, and misconfiguration risks.

Understand how application and cloud security intersect in modern environments.📝 Reporting & CommunicationProduce clear, high‑quality pentest reports for both technical and non‑technical audiences.

Communicate risk, impact, and remediation guidance effectively.

Work closely with clients to support security improvements.🧪 Research & InnovationResearch and develop new penetration testing techniques and tools.

Contribute to internal R&D efforts and community knowledge sharing through blogs, tools, or presentations. 📚Candidate Profile 🎯📊 Experience4+ years’ experience in application security and penetration testing.

Strong experience with web application and API security.

Proven source code review experience, especially in JavaScript and TypeScript.

Experience testing mobile applications (Android and/or iOS).

Familiarity with cloud platforms and security risks (AWS, Azure, GCP).🛠 SkillsExperience with scripting languages such as Python and/or Bash.

Solid understanding of cryptography fundamentals.

Excellent analytical and problem‑solving abilities.

Strong written and verbal communication skills.🎓 EducationBachelor’s degree in Computer Science, Information Security, or a related field.

Bonus Experience ⭐Experience testing Web3 or blockchain-based applications.

Exposure to smart contract security audits.

Participation in bug bounty programs or security audit contests.

Offensive security certifications (OSCP, OSWE, OSCE, GWAPT, or similar).

Published security research, blog posts, or conference presentations. 🧑 🏫Offer Highlights 🎁💰 Competitive compensation⏳ Long‑term, full‑time engagement🧠 Dedicated time for research and skill development🌍 Work on high‑impact, global security projects🚀 Growth opportunities within a highly technical security environment