Build a career alongside practitioners who ship.

What you'll do

• Pentest web applications, mobile apps (Android / iOS) and broader web-app estates end-to-end.
• Write client-ready findings with reproduction steps, impact and concrete remediation.
• Own scoping discussions, retests and debriefs alongside senior engagement leads.
• Contribute to internal tooling, methodology and public research write-ups.

What we're looking for

• 3–4 years hands-on penetration testing experience.
• Confident across web, mobile and web application testing.
• Required certifications: eJPT, CEH, CPSA.
• Clear technical writing. Your report is the product.

Nice to have

• Public bug-bounty track record (HackerOne, Bugcrowd, Intigriti).
• CVEs, CTF placements or published research.

What you'll do

• Triage and investigate escalated alerts from L1: endpoint, network, identity and cloud.
• Build and refine AI-assisted detection, enrichment and response playbooks.
• Own SOAR automations: reduce toil, raise signal, document every flow.
• Lead deep-dive analysis on incidents and feed findings back into detections.

What we're looking for

• 2–3 years SOC / blue-team experience at L1 or early L2.
• Hands-on with AI solutions & automation in a detection or response context.
• Strong analysis and triage instincts: calm under real alerts, not just tabletop drills.
• Comfortable writing runbooks, playbooks and incident summaries.

Nice to have

• Exposure to SIEM tuning, threat hunting or purple-team exercises.
• Scripting: Python, PowerShell, KQL / SPL.