Job description

What we do

Hi, we are Vodeno. We are innovators in the Banking-as-a-Service space. Our technology is cloud-native, and our teams work in the cloud like fish in water. Supported by a leading global equity firm and the ecosystem of nearly 90 partners, our Platform opens new opportunities for businesses across Europe to integrate financial products and services into their solutions.
As part of the UniCredit Group, Aion Bank and Vodeno will accelerate their digital banking offer in strategic markets and will act as a sandbox for innovation for the wider UniCredit Group.
Based on financial sector know-how and expertise in cloud technology, we provide a set-up of customer-facing and daily banking services which include: digital onboarding, accounts, cards, payments, and lending with a white-label mobile app channel access.

We are defined by the following values:

Client at the centre - we deliver value to our clients
Curiosity - we want to know more!
Accountability - we deliver on our promises
Collaboration - we can achieve more with other

We are currently looking for a Penetration Tester ready to join our adventure.

What you will be doing

Ensuring that applications developed internally and externally are secure
Performing penetration tests of web apps, APIs and mobile apps
Supporting and consult with product and development teams in the area of application security
Assisting in development of automated security testing to validate that secure coding best practices are being used

Skills you should have

Strong experience in security research, including understanding of application security attacks and vulnerabilities
Knowledge of web application and API security vulnerabilities
Experience in conducting web application and API penetration tests, with a clear understanding of manual methods and tools in addition to automated scanners
Understanding of encryption and authentication methods
Experience with tools used for penetration testing such as Burp Suite, SQLMap, Kali/BackTrack, w3af
Basic experience in mobile app penetration testing
Basic development or scripting experience
Knowledge about source code analysis methods
Experience with OWASP
Openness to work from our Warsaw office 1 day per week (hybrid model)

What we offer

We offer a flexible form of contract according to your preference and the characteristics of the job. If you choose to be employed by us we offer tax relief for copyrights transfer (KUP).
If your role permits, we also offer flexible work location.
You will be provided an individual development budget, dedicated to enhancing your professional skills.
You will have opportunities to grow: as a Google Cloud Partner, we organise Vodeno Cloud Academy and you can get officially certified by Google.
You and your closest family will be covered with VIP-level private medical care which includes dental treatment and a hospitalisation package.
We cover psychological consultations if you ever feel you need such support.
We co-sponsor a sports card - Multisport.
You will work on Apple MacBook - a computer equipment that delivers the best user experience.
Our Warsaw office is nicely located with convenient commute options by public transport and by bike and offers healthy snacks throughout the day.

Our process

We keep our recruiting process simple.
Step 1: Talk with one of our Recruiters about your to-date experiences and ambitions
Step 2: Meet with your future colleagues for a technical interview
Step 3: Meet with your Team Manager to discuss how we fit each other

Our note to you

Diverse teams really are the best teams. Research shows that some candidates may hesitate to apply for a job unless they meet every requirement. If you are excited about working with us, we encourage you to apply - even if you're not 100% sure. We are interested in getting to know you and learning about what you bring to the table.

Please note that we may close a job posting early if we receive a large number of exceptional applications.

Good luck!