🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Cookies & analytics consent
We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.
Read how we use data in our Privacy Policy and Terms of Service.
🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
ithouse.co • Warszawa, Pomeranian Voivodeship, Poland
Role & seniority: Web application penetration tester (3+ years experience; mid–senior level)
Stack/tools: Python; AI/LLMs and prompt engineering; security testing tools (Burp Suite, OWASP ZAP, Nessus, Nmap, Kali Linux); familiarity with OWASP Top 10
Conduct penetration tests on internal products/services of a large tech company
Build AI-driven tools to identify web vulnerabilities; perform vulnerability scanning and deliver risk assessments
Review source code and collaborate with development teams to enhance security posture
3+ years in web application penetration testing
Practical experience with Python and AI/LLM-driven workflows
Proficiency with Burp Suite, OWASP ZAP, Nessus, Nmap, Kali Linux; solid OWASP Top 10 knowledge
Knowledge of Linux kernel / OS internals
Experience with Python AI frameworks (e.g., Pydantic)
CI/CD/DevOps experience; familiarity with SAST tools (Checkmarx, Semgrep, Synopsys Coverity)
Understanding of web application source code analysis techniques
Location & work type: Hybrid in Warsaw, Poland; in-office 3 days/week; permanent employment (umowa o pracę) with benefits
Notes: Role is part of a global product company project, emphasizes impact, collaboration with international teams, and opportunities for growth.
Hi, we're glad you're here! 👋
About ITHOUSE: for over 7 years we’ve been connecting IT specialists with projects that truly matter: the kind that shape how people in Poland use technology every day.
We work with both public institutions and commercial companies, helping modernize systems used by millions. Thanks to the teams we build, fewer tasks require running around with paperwork, and more processes become simple, fast, and accessible.
But that’s not all, we also take on ambitious R&D projects, including for companies, where technology meets AI and real innovation.
We always try to match the project to the person, to your experience, preferences, and what genuinely motivates you. If you want to do meaningful work and see real impact, there’s a good chance you’ll feel at home here.
In our recruitment process, we focus on partnership, transparency, and mutual respect. For us, recruitment isn’t just a procedure. It’s a conversation about what matters to you and where you can grow.
📌 Project
You'll be joining a world-renowned product company, working on cutting-edge solutions used by millions around the world. The project operates in a truly international environment.
This is a great opportunity for someone looking to grow: both technically and professionally. You'll collaborate with highly experienced specialists who value quality, knowledge sharing, and continuous improvement. The bar is set high, but that’s exactly what makes this an inspiring and rewarding place to be.
What makes this project stand out is the real impact you’ll have. Your ideas matter, and your voice will be heard. It’s a setup that fosters innovation and creates impact on a global scale.
Requirements
Over 3 years of experience in web application penetration testing. Hands-on experience with Python, LLMs and prompt engineering. Familiarity with major security testing tools (including Burp Suite, OWASP ZAP, Nessus, Nmap and Kali Linux). Solid understanding of common web vulnerabilities (particularly those outlined in the OWASP Top 10).
Nice To Have
Knowledge of operating system internals (Linux kernel). Experience with Python frameworks used in building AI-driven systems (e.g. Pydantic). Experience working with CI/CD pipelines and DevOps environments. Familiarity with SAST tools (such as Checkmarx, Semgrep or Synopsys Coverity). Understanding of techniques for web application source code analysis.
What You Will Do
Conducting penetration tests on internal products and services of a large technology company. Building state-of-the-art, AI-driven tools for identifying vulnerabilities in web applications. Performing vulnerability scanning and delivering comprehensive risk assessments. Reviewing source code and working closely with development teams to enhance overall security posture.
What We Offer
Stable employment based on an employment contract (umowa o pracę) A hybrid work setup in the heart of Warsaw, we meet in the office 3 days a week to collaborate and connect Access to a benefits platform tailored to your lifestyle and needs (Multisport, Private Medical Care) Daily collaboration with a diverse, international team Flexibility to explore different projects over time, we support growth and change Regular team-building activities and integration initiatives to keep the vibe strong All the tools you need, we’ll provide both hardware and software
Apply and let us get to know you, talk soon! ☀️ Show more Show less