🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Cookies & analytics consent
We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.
Read how we use data in our Privacy Policy and Terms of Service.
🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
ExpressVPN • London, England, United Kingdom
Role & seniority: Senior Penetration Tester (senior individual contributor) on Offensive Security
Stack/tools: Offensive security methods; Burp Suite, AFL or similar tooling; source-code review and debugging tools; scripting: Python, Bash, Golang; automation: GitHub Actions; knowledge of TCP/IP, IDS/IPS, firewalls, WAF, cryptography (PGP, SSH, PKI)
Plan and conduct penetration tests on assets, services, and applications (solo or cross-location teams), including verification of vulnerabilities from bug bounty and scanners
Collaborate with engineering to remediate findings; provide design reviews and guidance; mentor junior team members
Manage external pentest vendors from scope to remediation; develop/maintain automated testing tools and identify process inefficiencies
Strong white-box testing, source-code review, and vulnerability research abilities
Proficiency reading multiple programming languages and identifying weaknesses across desktop/server apps, infrastructure, or mobile apps
Practical experience with manual testing, debugging/reverse engineering, and networking concepts
Experience with scripting and automation (Python, Bash, Golang; GitHub Actions)
Solid knowledge of TCP/IP, IDS/IPS, firewalls, WAF, web content filtering; cryptography basics
OSCP/OSWE/OSED or equivalent certification; bug bounty/CTF/CVE track record
Experience across varied tech stacks an
Senior Penetration Tester If you’re passionate about security and privacy, and want to use your offensive security skills to help safeguard private, uncensored access to the internet for millions of customers, we’d love to speak with you. Who you are You’re a natural at solving problems and identifying security weaknesses with deep expertise in application security and infrastructure, and you have experience working on teams that know how to remediate vulnerabilities you identified based on your recommendations. You aren’t afraid of change, and you ask the questions that need to be asked. A lack of clarity is something you can’t settle for, and you voice your concerns when the balance between effort and impact seems off. As someone with an offensive security mindset, you know there are always vulnerabilities waiting to be found, and you’re naturally collaborative to help find and address them. You’re always willing to hear ideas from your colleagues. Likewise, you're willing to share your own knowledge and mentor others. What you’ll do
Experience writing scripts in languages such as: Python, bash, or Golang to showcase your proof of concepts Experience writing automation workflows such as Github Actions Provide mentorship and guidance to other team members and share knowledge and findings with them
Cryptography: PGP, SSH, PKI How you’ll succeed Your capacity to consistently identify security vulnerabilities and provide sound remediation strategies alongside our engineering teams is key to success in this role You’ll be assigned as a security lead across a number of our projects, and will need to mentor more junior team members and help them grow their skillset Your ability to design technical solutions while staying ahead of industry trends will help drive continued security improvement, especially when supporting secure engineering designs Finally, candidates with strong experience in manual source code review and vulnerability research, or a strong track record in this area (e.g. CTFs, bug bounty program activity, published CVEs) are preferred. How we’ll support you We believe in fostering an environment that empowers decision-making at all levels. Our culture is rooted in the inverted pyramid approach, where the engineers, who have a deep understanding of the product and the customers, are the ones who have the knowledge and the authority to make impactful decisions. We prioritize treating every team member with respect and promote open and constructive feedback, ensuring a culture of trust and transparency We encourage learning through experimentation and provide a safe space for everyone to learn from their experiences Our managers are dedicated to facilitating career growth and creating an environment that attracts and supports talented engineers #LI-PS1 Before you apply At the moment, we do not sponsor visas in the EU. For Hong Kong, we require at least two years of working experience and a university degree in a related field. For Singapore and the UK, we can only sponsor visas for mid-career or above. Please upload your resume as a PDF and do not include any salary or compensation information in it. ExpressVPN is one of the world’s leading providers of online privacy and security services for consumers. Started in 2009, we’ve grown to have millions of active paying customers, a team of more than 700 people worldwide, and a brand recognized by hundreds of millions of people in 18 languages and more than a hundred countries. We see huge growth in our industry, and are gaining market share through strong execution.