Job Openings Pentester (Ethical Hacker)

About the job Pentester (Ethical Hacker)

About the Job

We are reinforcing a cybersecurity team from a client with a Penetration Tester (Ethical Hacker) to run controlled security tests across applications and infrastructure, document findings clearly, and help teams reduce real risk. This is a role with an hybrid setup with on-site presence (2 to 3 times per week) in Lisbon or Porto.


Key Responsibilities

  • Run penetration tests on web applications, mobile apps, APIs, and internal/external networks
  • Perform vulnerability assessments and offensive security testing activities
  • Identify, validate, and document security issues in an ethical and controlled way
  • Produce technical reports and executive summaries, including mitigation recommendations
  • Work closely with Development, Infrastructure, and Security teams to support remediation
  • Stay up to date on new vulnerabilities, attack techniques, and tooling
  • Support Red Team or Purple Team style exercises when applicable

Main Requirements

  • Degree in Computer Science, Cybersecurity, or a related field (or equivalent experience)
  • At least 3 years of experience in penetration testing or offensive security roles
  • Hands-on experience testing web, mobile, API, and network surfaces
  • Good knowledge of networking, common protocols, Linux and Windows, and application architecture
  • Knowledge of OWASP Top 10 and security testing methodologies
  • Comfortable using pentesting tools such as Burp Suite, Metasploit, Nmap, Nessus (and similar)
  • Good level of english
  • Nice to have: OSCP, CompTIA Pentest+, CHFI; cloud pentesting (AWS/Azure/GCP); scripting (Python/Bash/PowerShell/JavaScript); secure code review; CTFs or bug bounties

Personality Traits

  • High integrity;
  • Hands-on attitude;
  • Proactive;
  • Detail oriented;

What Can You Expect

You will join an established IT company with long-term stability, working on challenging security projects with room for growth. You can expect continuous training, close onboarding support from HR and the technical team, and opportunities to participate in events and knowledge sharing.

Tech Stack

Burp Suite; Metasploit; Nmap; Nessus; OWASP Top 10; Kali Linux; Linux; Windows; Python; Bash; PowerShell; AWS; Azure; GCP; Git; Mobile testing (e.g., MobSF); API testing

Work Model

Hybrid

Internal Ref: Consultant

Date Posted: 2026-01-21

Valid Through: 2026-03-21