Application Security Engineer (Offensive Testing) Location: Dublin Type: Full-Time Salary: €65,000 - €85,000 A mature security programme supporting a large, transaction-heavy environment is expanding its offensive testing capability. This role sits within an attack surface and application assurance function, focused on identifying real-world risk in modern web, mobile, and API-driven systems. The position suits someone who prefers manual testing over checkbox scanning, is comfortable engaging directly with engineers, and can clearly articulate how issues should be fixed - not just where they exist. The Role You'll carry out hands-on application penetration testing across web, mobile, and API estates. The work is scoped, repeatable, and embedded into development and remediation cycles rather than one-off assessments. Expect deep dives into application logic, auth flows, and API behaviour, alongside regular interaction with engineering teams to validate fixes and improve secure design over time. Responsibilities Perform manual application penetration testing across web, mobile, and API services Test against OWASP methodologies with a focus on logic flaws and abuse cases Scope applications collaboratively to ensure meaningful coverage Identify, validate, and prioritise vulnerabilities using CVSS and contextual risk Produce clear, evidence-backed reports with practical remediation guidance Retest fixes and confirm risk reduction post-remediation Research emerging attack techniques and incorporate them into testing approaches Contribute to improving internal testing standards and playbooks Experience & Skills 3+ years hands-on application penetration testing experience Strong understanding of OWASP WSTG and common application attack paths Confident using tools such as Burp Suite Pro and related testing utilities Experience testing REST APIs; SOAP a plus Comfortable explaining technical findings to developers and security stakeholders Strong report writing and documentation skills Ability to manage multiple testing engagements without quality drop-off Nice to Have Mobile application testing (iOS / Android) Offensive security certifications (OSCP, BSCP, CPTS, similar) Exposure to AI-enabled applications or model-backed APIs Some network or infrastructure testing experience Development background or scripting familiarity Reperio Human Capital acts as an Employment Agency and an Employment Business. Skills: penetration testing Security Dublin Offense Application security Benefits: Work From Home