2+ years of hands-on penetration testing experience (mid to senior; 2–6+ years preferred)
Strong knowledge of OWASP Top 10, ASVS, and API Security Top 10; experience in web, API, and at least one of mobile, infrastructure, or cloud testing
Proficiency with manual testing techniques and key tools (Burp Suite, Nmap, Kali Linux) and scripting (Python or PowerShell)
Excellent written and verbal communication in English, strong analytical skills, and ability to document clearly and work independently or in a team
Requirements:
Perform manual-first penetration testing across web, API, and mobile (iOS/Android) applications, identifying and exploiting vulnerabilities including business logic flaws and authentication issues
Conduct infrastructure testing (internal/external networks, Active Directory, perimeter systems) and cloud security assessments (AWS, Azure), applying threat-led or adversary simulation techniques where relevant
Develop scripts and tools to improve testing efficiency and own end-to-end delivery of engagements (planning, execution, reporting, and close-out) with clear, structured reports and actionable remediation guidance
Present findings to technical and non-technical stakeholders; collaborate with internal teams, support pre-sales activities when needed, and contribute to knowledge sharing, playbooks, and mentoring junior team members
Job description
This is a remote position.
We are looking for a skilled and curious Security Analyst (Penetration Tester) to join a high-performing offensive security team.
This role focuses on delivering high-quality penetration testing across web, mobile, API, infrastructure, and cloud environments, helping clients identify vulnerabilities and reduce real-world risk.
You will work closely with internal teams and clients, contributing not only to testing engagements but also to research, tooling, and continuous improvement. This role is ideal for someone who is hands-on, analytical, and passionate about cybersecurity.
Work setup: Remote
Type: Full-time
Your Duties
As a Security Analyst (Penetration Tester), you will:
Perform manual-first penetration testing across web, API, and mobile (iOS/Android) applications
Identify and exploit vulnerabilities including business logic flaws, authentication issues, and attack chains (e.g., IDOR)
Conduct infrastructure testing (internal/external networks, Active Directory, perimeter systems)
Perform cloud security assessments (AWS, Azure)
Apply threat-led and adversary simulation techniques where relevant
Develop scripts and tools to improve testing efficiency and quality
Own end-to-end delivery of engagements (planning, execution, reporting, and close-out)
Produce clear, structured reports with risk ratings and actionable remediation guidance
Present findings to both technical and non-technical stakeholders
Collaborate with internal teams and support pre-sales activities when needed
Contribute to internal knowledge sharing, playbooks, and mentoring junior team members
Requirements
2+ years of hands-on experience in penetration testing (Mid to Senior level: 2–6+ years preferred)
Strong understanding of OWASP Top 10, ASVS, and API Security Top 10
Experience with manual testing techniques, including vulnerability chaining and exploitation
Proficiency with tools such as Burp Suite, Nmap, Kali Linux, and scripting (Python or PowerShell)
Experience in web, API, and at least one of the following: mobile, infrastructure, or cloud testing
Strong analytical and problem-solving skills
Excellent written and verbal communication in English
Ability to clearly communicate technical risks and remediation steps
Strong attention to detail and structured documentation skills
Ability to work independently and as part of a team