Expectations
Offensive Security & Penetration Testing
- Conduct end-to-end penetration testing of web applications, APIs, internal and external infrastructure, cloud environments, and Kubernetes clusters
- Perform vulnerability assessments and identify security weaknesses across products, infrastructure, and cloud environments
- Simulate real-world attack scenarios, including privilege escalation, lateral movement, persistence, and attack path analysis
- Participate in red team exercises and offensive security initiatives
- Assess the security of cloud-native services, CI/CD pipelines, containerized environments, and infrastructure as code
- Work with bug bounty programs and coordinate responsible disclosure activities
- Research emerging attack techniques, vulnerabilities, and adversary tactics to improve the organization’s security posture
- Partner with infrastructure and product teams to translate findings into practical remediation plans
- 4+ years of hands-on experience in Offensive Security, Penetration Testing, or Red Team roles
- Practical experience performing penetration tests against web applications, APIs, cloud environments, or internal infrastructure
- Strong understanding of common attack techniques, attack chains, and adversary behavior
- Experience with Kubernetes and container security assessments
- Knowledge of cloud security concepts and IAM models in AWS and/or GCP
- Understanding of network security, authentication, and access control mechanisms
- Experience with Linux systems and security hardening principles
- Familiarity with CI/CD security and Infrastructure as Code technologies (Terraform, Helm, etc.)
- Scripting and automation skills (Python, Bash, Go, or similar)
- Understanding of common security frameworks and methodologies such as OWASP, MITRE ATT& CK, PTES, or ASVS
- Native Russian language
- Willingness to work from one of our offices in Almaty, Tbilisi, Yerevan or Limassol
Benefits
Our project is actively growing, as well as the team that creates it. We invest in the growth of each specialist and regularly review salaries based on performance. Moreover, we have a promotion system that allows specialists to showcase their talents in more responsible positions.
You can choose various work types: hybrid or office. Also we have flexible hours with the option of taking days off.
We offer sick days without salary loss, assistance in difficult life situations, no bureaucratic nightmares and processes for the sake of processes.
We carefully review every application and will definitely reach out if your profile matches the role’s requirements. If you do not receive a response within 14 calendar days, it means we are not moving forward with your application at this stage. We’d be happy to reconnect in the future — please keep an eye on our openings.
Employment process
You apply for an open role via our careers portal. We carefully review your CV and any additional materials you provide.
If your experience matches our needs, we’ll invite you for an initial conversation with a recruiter. It’s a chance to get to know each other, talk about your motivation and expectations, and share more about the role and company.
You may be asked to take part in one or more technical interviews with the team. In some cases, we might also send you a test assignment to better understand your practical skills.
A closing conversation with a hiring manager or team lead. We’ll discuss the outcomes of the previous stages, cover any remaining questions, and align on expectations.
If everything goes well — we’ll extend a job offer. Once the details are confirmed, we’ll guide you through the onboarding process and welcome you to the team.