2,474 Open roles
96 Companies
52 Posted today
Jobs / BrainRocket / Senior Penetration Tester
This job is no longer available.

This position has been closed.

Posted 2026-05-22

Senior Penetration Tester

Description

We invite a Senior Penetration Tester to join our team. It's an office-based role – no remote or hybrid options.

Responsibilities
  • Lead end-to-end penetration testing engagements across web applications, APIs, mobile, internal and external networks and cloud (primarily AWS).
  • Run red-team and assumed-breach operations - initial access, privilege escalation, lateral movement, persistence, exfiltration - including against fraud and detection stacks.
  • Perform security reviews of cloud-native services, Kubernetes workloads, CI/CD pipelines, and microservices.
  • Discover and exploit vulnerabilities across real-money flows - payments, deposits and withdrawals, wallets, KYC / AML, bonus systems, and affiliate tracking.
  • Partner with product, engineering, AppSec, payments, and fraud teams to translate findings into concrete fixes and durable controls.
  • Develop custom tooling, scripts, and methodology where no out-of-the-box approach exists.
  • Build and validate declarative threat models and contribute to "secure by design" practice.
  • Mentor mid and junior testers, review their engagement plans and reports.
  • Track new CVEs, TTPs, MITRE ATT&CK updates, and regulator advisories - translate them into concrete changes here.
  • Support pre-sales scoping, effort estimation, and pre-certification engagements for new products and jurisdictions.
  • Serve as a trusted offensive-security advisor to product, engineering, and compliance teams.
Requirements
  • Minimum 4 years of hands-on penetration testing or offensive-security experience.
  • Proven track record across at least three of: web / API, internal, external network, cloud (AWS / GCP), mobile (iOS / Android).
  • OSCP or an equivalent in-the-box certification.
  • Strong working knowledge of SAST/SCA/DAST tooling, AWS/GCP, MITRE ATT&CK, OWASP ASVS / WSTG, PTES.
  • Understanding of the data flow, MVC model.
  • Understanding of supply chain attacks.
  • Good reporting skills.
  • Comfortable scripting in Python plus Bash.
  • Knowledge at least one of major cloud provider's IAM model.
  • Experience pentesting cloud-native systems and Kubernetes environments, plus the CI/CD pipelines around them (GitLab, GitHub Actions, Jenkins) and IaC (Terraform, Helm, CloudFormation).
  • Strong written and verbal communication in English .
  • Experience balancing security and business demands under release pressure.
  • Familiarity with industry regulations, frameworks, and practices: PCI DSS, ISO 27001, NIST, GDPR .

## PREFERRED QUALIFICATIONS:

  • One of offensive-security certifications: OSWE, OSEP, OSED, CRTO, BSCP, ARTE, GRTE .
  • In-depth experience architecting secure services on Kubernetes and AWS.
  • Prior iGaming, fintech, or payments domain experience.
  • Public CVEs, advisories, write-ups, conference talks.
  • HTB Pro Lab completions, real CTF placements.
  • Open-source contributions to offensive or defensive tooling.
Benefits
  • 24 vacation days annually.
  • 6 sick days without a medical certificate.
  • Premium Health Insurance (coverage up to 5,000 EUR annually).
  • Special occasion gifts: birthday, wedding, newborn.
  • Learning & Development budget (for conferences, courses and certifications).
  • Corporate events: international parties, team buildings, activities.
  • Career growth opportunities in a fast-growing company.
  • Relocation package for international candidates.
  • Sports package (FitPass membership).
  • Language classes: Serbian & English (company-covered).
About BrainRocket

BrainRocket is a software development and design company founded in 2020 and headquartered in Limassol, Cyprus. It builds end-to-end technology products across industries including iGaming, fintech and marketing, covering platform development, payments, CRM, data and AI. The company employs more than 1,300 people, with additional offices in Malta, Poland, Portugal and Serbia, and has delivered over 100 products across 20 markets. BrainRocket positions itself as a full-cycle technology partner engineering software built for scale and performance.

Read more about BrainRocket →

Similar Active Jobs
IGTProduct & DevelopmentBelgrade, Serbia

Technical Artist

IGT is seeking a Technical Artist in Belgrade to bridge the gap between art and technology in the production of casino games. The role involves implementing 3D assets and animations in Unity while collaborating with international cross-functional teams. Candidates must possess strong technical skills in Unity and Adobe Creative Suite, along with a relevant portfolio of slot or casino artwork.

HybridFull-timeMid-level3 yearsEnglish
2026-07-02
SportradarProduct & DevelopmentVienna, Austria

Senior Application Specialist [m/f/d]

Sportradar is seeking a Senior Application Specialist to take technical ownership of Dynamics 365 F&O and connected financial systems. This role supports strategic initiatives within Finance systems by collaborating with the finance department and stakeholders to deliver customised solutions and enhance operational efficiency. The specialist will manage applications, permissions, provide operational support, and execute compliance controls.

Full-timeSeniorEnglish
2026-07-02
SportradarProduct & DevelopmentBremen, Germany

Senior C++ Software Engineer

Sportradar is seeking a Senior C++ Software Engineer to join its Sports Virtualisation team. The role involves developing innovative products using Unreal Engine 5.6+ by integrating high-performance C++ code with live skeletal tracking data. The engineer will support the team in building interactive virtual sports content, while also performing maintenance and stabilization of running systems and guiding junior developers.

Full-timeSenior3 yearsEnglish
2026-07-02
AristocratProduct & DevelopmentSkopje, North Macedonia

QA Engineer

The company is seeking a QA Engineer to ensure software product quality. This role involves completing manual test cases, assisting with test plans, and tracking defects. The engineer will collaborate with development teams, participate in testing activities, and support automation efforts. This is an opportunity for professional growth within a dedicated quality-focused team.

On-siteFull-timeMid-level1-2 yearsEnglish
2026-07-02
EntainProduct & DevelopmentHyderabad, India

Gaming Operations Executive

The Gaming Operations Executive ensures the stability, integrity, and operational performance of gaming products through advanced monitoring, automation, and risk management. The role involves combining escalation management with commercial risk oversight, focusing on game integrity, platform uptime, supplier performance, and proactive issue detection. This position is an important escalation point for complex technical incidents, requiring investigation and coordination of system-level issues and improvement of automated monitoring tools to protect revenue and player experience.

On-siteFull-timeMid-level1-3 yearsEnglish
2026-07-02