Job
- Level: Senior
- Job Field: IT, Security
- Employment Type: Full Time
- Contract Type: Permanent employment
- Location: Cologne, Essen
- Working Model: Hybrid, Onsite
Job Summary
You conduct targeted penetration tests on web, network, and cloud infrastructures, identify vulnerabilities, and create risk-based reports with clear action recommendations for diverse stakeholders.
Your role in the team
- You conduct targeted penetration tests and realistic attack simulations on web, network, and cloud infrastructures, identifying vulnerabilities before others do.
- You create understandable, risk-based reports with clear recommendations for action - from technical details to management summaries.
- You advise our clients as equals, from the development team to management, and communicate complex technical content clearly and understandably.
- You develop Threat Informed Defense strategies based on real attacker TTPs (Tactics, Techniques, Procedures).
- You translate attack logic into robust defense, conduct sensor tests, and evaluate the effectiveness of existing defense measures.
- You work closely with other experts, key account management, and other departments — also as part of presales activities to acquire customers.
- You actively develop our Offensive Security domain.
- Together, we look for projects that match your interests. You decide which client project you will work on.
This text has been machine translated.
Our expectations of you
Qualifications
- You possess a deep technical understanding of attack techniques and vectors, particularly in the areas of web applications, network security, or cloud.
- You are proficient with common tools such as Burp Suite, Metasploit, Kali Linux, Nmap, Nikto, or sqlmap, and possess solid knowledge of relevant frameworks such as OWASP, the Five Stages of Ethical Hacking, or MITRE ATT&CK.
- You enjoy sharing your knowledge with the team and supporting colleagues in their development.
- You hold a penetration testing certification such as OSCP and ideally additional certifications like OSCE, CRTP, PNPT, or comparable proof of your technical expertise.
- Interest in interdisciplinary work (e.g., with Sales and Marketing) as well as in the strategic further development of our Offensive Security domain.
Experience
- You have extensive experience in independently conducting manual penetration tests, OSINT assessments, or vulnerability analyses - ideally in a direct client environment.
- Ideally, you have some initial experience in a technical leadership role (e.g., as a technical lead, project manager, or mentor) or are willing to grow into this role.
- Experience in Red Teaming or Purple Teaming - or interest in developing your skills in these areas.
What we offer
- Self-fulfillment: Space for experimentation, a culture that is open about mistakes, and the opportunity to shape structures within the company are a matter of course for us.
- Mentorship: Our experienced employees support you in your personal and professional development.
- Flexible working hours: Work during your most productive times and flexibly schedule personal commitments. Overtime will be compensated.
- Additional benefits: You can choose from various options such as the Germany Job Ticket, an Urban Sports Club membership, a daycare subsidy, or JobRad.
- Further training: We invest in your development through regular training and renowned certifications.
- Little travel: We work remotely or in our offices in Cologne or Essen. Meetings on-site with the client are an exception for us.
- Team Building: Our monthly Open Space is dedicated to creative work on current topics. Regular events (e.g., joint workation, summer party, or Christmas party) are planned and organized by the team itself.
- Workation: Combine work and travel or take a longer break as part of a sabbatical.
- Vacation: 30 days of leave per year and special leave for special occasions.
This is your employer
carmasec GmbH & Co. KG
carmasec GmbH & Co. KG is a consulting boutique specializing in cybersecurity, active in Germany since 2018, offering tailored solutions for cyber resilience.
Description
- Company Type: Established Company
- Working Model: Hybrid, Onsite
- Industry: Consulting