Arcus Search
Sector: Financial Services | Location: Fully remote (within Poland) | Type: B2B Freelance contract | Duration: 6 months (extensions available for 2+ years) | Rate: Market rate (competitive)
What You Will Do
Conduct white-box and black-box penetration testing against internal and public-facing applications and assets.
Manage, triage, and investigate Bug Bounty submissions and external pentest findings.
Perform variant analysis on issues discovered through all channels.
Research and perform security analyses on our 3rd-party solutions.
Develop tooling to support reconnaissance, automation, and metrics collection.
Provide expert guidance to developers, other product security teams, and the SOC in investigating issues.
Spread awareness of offensive security practices via demos, workshops, and training.
Assess the security of our tech stack through whatever means are best suited.
Define what we focus on to provide the most value.
Help further mature the security program.
Who You Are
Strong experience with penetration testing and other technical security assessments.
Experience identifying security issues in code, particularly within Java and Node.js.
Experience with cloud environments, particularly AWS and modern micro-service design principles.
Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting.
Comfortable scripting and contributing to larger projects in Python.
Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture.
Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, et. al.
CTF Participation and active contributions to the cybersecurity community.
Seniority Level Mid-Senior level
Industry Financial Services
Employment Type Contract
Job Functions
Information Technology
Skills
IT Security Assessments
Java
Vulnerability
Security Operations Center
Python (Programming Language)
Penetration Testing
Node.js
#J-18808-Ljbffr
What You Will Do
Conduct white-box and black-box penetration testing against internal and public-facing applications and assets.
Manage, triage, and investigate Bug Bounty submissions and external pentest findings.
Perform variant analysis on issues discovered through all channels.
Research and perform security analyses on our 3rd-party solutions.
Develop tooling to support reconnaissance, automation, and metrics collection.
Provide expert guidance to developers, other product security teams, and the SOC in investigating issues.
Spread awareness of offensive security practices via demos, workshops, and training.
Assess the security of our tech stack through whatever means are best suited.
Define what we focus on to provide the most value.
Help further mature the security program.
Who You Are
Strong experience with penetration testing and other technical security assessments.
Experience identifying security issues in code, particularly within Java and Node.js.
Experience with cloud environments, particularly AWS and modern micro-service design principles.
Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting.
Comfortable scripting and contributing to larger projects in Python.
Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture.
Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, et. al.
CTF Participation and active contributions to the cybersecurity community.
Seniority Level Mid-Senior level
Industry Financial Services
Employment Type Contract
Job Functions
Information Technology
Skills
IT Security Assessments
Java
Vulnerability
Security Operations Center
Python (Programming Language)
Penetration Testing
Node.js
#J-18808-Ljbffr