Offensive Security Engineer (Application Testing)
201366
Desired skills:
security, Dublin, manual testing, tester, application security, OWASP
Location: Dublin
Type: Full-Time
Salary: €85,000 - €110,000
A large IT security organisation is expanding its offensive security capability and adding an experienced engineer focused on manual application testing. This role sits within a dedicated assurance function and works closely with engineering and platform teams to identify real-world risks before they become exploitable.
The environment is complex, regulated, and highly technical, with a steady pipeline of internally developed applications and services.
The Role
You'll perform hands-on penetration testing across web applications, APIs, and supporting services, with a strong emphasis on manual techniques over tooling alone. Expect deep dives into application logic, authentication flows, session handling, and custom implementations.
Findings are taken seriously: this role partners directly with engineers to explain risk, validate fixes, and improve security posture over time.
What You'll Do
1. Conduct manual web and API penetration tests across internal and customer-facing systems
2. Identify, reproduce, and clearly document vulnerabilities with practical remediation guidance
3. Assess authentication, authorisation, session management, and input handling controls
4. Develop proof-of-concepts to demonstrate exploitability where appropriate
5. Communicate findings to engineering and security stakeholders in a clear, actionable way
6. Support secure design discussions and provide guidance during development cycles
7. Contribute to testing standards, methodologies, and internal knowledge sharing
Skills & Experience
1. 5+ years in application security or penetration testing roles
2. Strong manual testing capability across OWASP Top 10 categories
3. Solid understanding of web technologies, APIs, and common protocols
4. Comfortable testing without reliance on scanners alone
5. Experience with tools such as Burp, custom scripts, and exploit frameworks
6. Working knowledge of Linux/Unix, TCP/IP, and application architectures
7. Ability to explain technical risk to both technical and non-technical audiences
If this role aligns with your experience, apply via the link provided or contact Daniel McIvor at Reperio for more details.
Reperio Human Capital acts as an Employment Agency and an Employment Business.