Offensive Security Engineer (Application Testing)
Location: DublinType: Full-TimeSalary: €85,000 - €110,000
A large IT security organisation is expanding its offensive security capability and adding an experienced engineer focused on manual application testing. This role sits within a dedicated assurance function and works closely with engineering and platform teams to identify real‑world risks before they become exploitable.
The environment is complex, regulated, and highly technical, with a steady pipeline of internally developed applications and services.
The Role
You’ll perform hands‑on penetration testing across web applications, APIs, and supporting services, with a strong emphasis on manual techniques over tooling alone. Expect deep dives into application logic, authentication flows, session handling, and custom implementations.
Findings are taken seriously as this role partners directly with engineers to explain risk, validate fixes, and improve security posture over time.
What You’ll Do
Conduct manual web and API penetration tests across internal and customer‑facing systems
Identify, reproduce, and clearly document vulnerabilities with practical remediation guidance
Assess authentication, authorisation, session management, and input handling controls
Develop proof‑of‑concepts to demonstrate exploitability where appropriate
Communicate findings to engineering and security stakeholders in a clear, actionable way
Support secure design discussions and provide guidance during development cycles
Contribute to testing standards, methodologies, and internal knowledge sharing
Skills & Experience
5+ years in application security or penetration testing roles
Strong manual testing capability across OWASP Top 10 categories
Solid understanding of web technologies, APIs, and common protocols
Comfortable testing without reliance on scanners alone
Experience with tools such as Burp, custom scripts, and exploit frameworks
Working knowledge of Linux/Unix, TCP/IP, and application architectures
Ability to explain technical risk to both technical and non-technical audiences
If this role aligns with your experience, apply via the link provided or contact Daniel McIvor at Reperio for more details.
Reperio Human Capital acts as an Employment Agency and an Employment Business.
Skills: security Dublin manual testing tester application security OWASP
Benefits: Work From Home
#J-18808-Ljbffr