×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X

Senior Penetration Tester

Job in Swansea, Swansea County, SA1, Wales, UK
Listing for: ExpressVPN
Full Time position
Listed on 2026-02-17
Job specializations:
  • Software Development
Job Description & How to Apply Below

Senior Penetration Tester

If you're passionate about security and privacy, and want to use your offensive security skills to help safeguard private, uncensored access to the internet for millions of customers, we'd love to speak with you.

Who you are

You're a natural at solving problems and identifying security weaknesses with deep expertise in application security and infrastructure, and you have experience working on teams that know how to remediate vulnerabilities you identified based on your recommendations. You aren't afraid of change, and you ask the questions that need to be asked. A lack of clarity is something you can't settle for, and you voice your concerns when the balance between effort and impact seems off.

As someone with an offensive security mindset, you know there are always vulnerabilities waiting to be found, and you're naturally collaborative to help find and address them. You're always willing to hear ideas from your colleagues. Likewise, you're willing to share your own knowledge and mentor others.

What you'll do
  • Prepare and execute penetration testing projects of our assets, services and applications, either individually or as part of a team with members across various geographic locations such as Singapore, Hong Kong, London, Germany and Bucharest.
    • We operate across a wide range of technologies, from client facing applications written in various languages for various platforms, to backend infrastructure and services, and router firmware. We provide an environment where you'll be exposed to a wide range of technologies that form our tech stack.
    • You'll need a strong white-box testing methodology and the ability to identify bugs in source code to go along with good organization and communication skills when delivering penetration tests of our applications and services.
  • Work closely with the engineering teams to provide expert guidance and advice on remediation of identified vulnerabilities
  • Verify the existence of newly discovered vulnerabilities in our software stack, including triaging and verifying bugs from our bug bounty program and automated scanners, and develop novel attack vectors based on these
  • Manage and support penetration testing services performed by outside vendors, from project inception, scoping, completion of the assessment, and finally, working with engineering teams to have the identified issues remediated
  • Bring creative solutions to fruition for solving some of the complex security challenges faced by our organization, and provide security reviews on technical design documents for our solutions. Identify areas where automated testing can be done, then develop, maintain and continuously improve tools to support these automated tests
  • Mentor, guide and support other team members using your strong technical knowledge
  • Identify inefficiencies in the team's workflow, suggest solutions and drive them to completion

This role focuses strongly on your ability to perform penetration testing (with a specialization in either desktop and server applications, infrastructure, and mobile apps, depending on your experience). To be a good fit for this role, you should be able to read source code in various languages, identify security weaknesses and vulnerabilities in various platforms and efficiently deliver security assessment projects while mentoring junior team members.

Networking knowledge is critical to succeed in this role.

What you'll bring
  • Identify vulnerabilities, misconfigurations and deviations from best practices within applications by means of manual source code review, static code analysis, and/or fuzzing using Burp Suite, AFL or similar tooling. We expect vulnerabilities to be identified and exploited up to the levels of OSCP, OSWE or OSED
  • Analyze application binaries, shared libraries, and browser extensions through the use of debuggers and reverse engineering tools to understand the components of the application and assess their security posture, as well as how they interact with the underlying operating system
  • Experience writing scripts in languages such as:
    Python, bash, or Golang to showcase your proof of concepts
  • Experience writing automation workflows such as…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search