Penetration tester

You will be a member of Security Department team which supports BTC customers and subsidiaries. We provide comprehensive solutions for main players in German Energy Sector, where your collaboration will help to protect systems that impact millions of people. You can expect that taking up the offer for this position will boost your technical, architectural and system skill.

We require specific expertise in the field related to the job description, your collaboration and participation in many activities within our security projects. Proactive approach and motivation to help drive change and advancement are necessary. To fully take advantage of this opportunity you will need to have an already developed baseline and be familiar with multiple aspects of general IT and Security standards.

You can expect to interact frequently with other members of the Security department and the IT technical teams along with the IT Operations and Engineering teams.

• Conduct penetration tests on web applications, networks, and systems to identify vulnerabilities.

• Simulate real-world attacks to assess the security posture of the organization.

• Document findings and provide actionable recommendations to improve security.

• Collaborate with development, infrastructure, and security teams to remediate vulnerabilities.

• Stay up-to-date with the latest security threats, tools, and techniques.

• Minimum 8 years of experience in the field of IT security-related functions with at least 5 years in penetration testing area.
• Proven experience in penetration testing or ethical hacking with at least one certificate from this area (OSCP, CEH, GPEN, CRTP, CRTE or similar).
• Proficiency with tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, etc.
• Familiarity with scripting languages (e.g., Python, Bash, PowerShell).
• Knowledge of network protocols, operating systems (Windows/Linux), and cloud environments.
• Strong understanding of common vulnerabilities (e.g., OWASP Top 10, CVEs).
• German or English language at B2/C1 level.
• Ability to provide technical advice, guidance, and recommendations to management and other technical specialists on critical information concerning security issues.
• Extensive knowledge of current security threats, techniques, and landscape.
• Dedication and self-driven desire for research and learning more about the information security landscape and incident response.
• Will to follow processes and procedures while maintaining the flexibility to “think outside the box.

• Employment based on an employment contract or, if you prefer, in another form.
• Opportunities for development and continuous improvement of professional qualifications.
• Participation in projects in an international environment.
• Access to the newest technologies.
• Competitive salary.
• Language courses.
• Sharing the cost of sport activities.
• Private medical care with the possibility of extending it to family members.
• Nice working atmosphere in friendly and modern environment.