Cybersecurity Penetration Testing Lead

We are looking for a Penetration Testing Team Lead to join a global cybersecurity organization and lead a team responsible for identifying and exploiting vulnerabilities across applications, infrastructure, and mobile platforms. This role combines hands-on penetration testing expertise with team leadership and delivery ownership.

• Minimum 5 years of hands-on experience in penetration testing
• Proven experience leading or mentoring penetration testing teams
• Strong expertise in at least two domains: web applications, infrastructure, mobile security
• Solid understanding of common vulnerabilities and attack techniques, TCP/IP and network security, application security principles
• Strong experience with manual and automated testing techniques
• Ability to clearly communicate complex technical findings to non-technical stakeholders
• Strong analytical thinking and problem-solving skills
• Experience with scripting/programming

Nice to have:

• Experience with mobile security (iOS, Android) and related risks
• Knowledge of OWASP standards (e.g., MASVS, MSTG)
• Experience with SAST, DAST, IAST tools
• Understanding of modern architectures (microservices, APIs, cloud environments)
• Experience with code reviews (Java, Kotlin, Swift, Objective-C)
• Knowledge of authentication and security mechanisms (OAuth2, JWT, biometrics, SSL pinning)
• Background in software development or secure SDLC
• Experience in financial services or other regulated environments

• Lead and manage a team of penetration testers delivering security assessments across multiple domains
• Oversee end-to-end penetration testing lifecycle: scoping, planning, execution, and reporting
• Ensure high-quality, actionable deliverables, including clear risk articulation and remediation guidance
• Act as the main escalation point for complex technical challenges and stakeholder concerns
• Collaborate with global penetration testing leads to align methodologies and standards, share knowledge and insights, and ensure consistency across regions
• Contribute to the development and continuous improvement of testing frameworks, tools, and best practices
• Build and maintain internal knowledge base (findings, trends, lessons learned)
• Support vulnerability management lifecycle (tracking, remediation, risk acceptance)
• Participate in incident response and security investigations when needed
• Evaluate new tools, techniques, and emerging attack vectors

Leadership & collaboration:

• Mentor, coach, and develop team members (technical and career growth)
• Foster a collaborative, knowledge-sharing culture within the team
• Work closely with stakeholders across technology, security, and business teams
• Translate technical findings into business-relevant insights
• Support cross-regional collaboration and alignment

Location: Kraków (preferable) / Warszawa (6 days per month)