Application Security Engineer (Offensive Testing)
197227
Desired skills:
penetration testing, Security, Dublin, Offense, Application security
Location: Dublin
Type: Full-Time
Salary: €65,000 - €85,000
A mature security programme supporting a large, transaction-heavy environment is expanding its offensive testing capability. This role sits within an attack surface and application assurance function, focused on identifying real-world risk in modern web, mobile, and API-driven systems.
The position suits someone who prefers manual testing over checkbox scanning, is comfortable engaging directly with engineers, and can clearly articulate how issues should be fixed - not just where they exist.
The Role
You'll carry out hands-on application penetration testing across web, mobile, and API estates. The work is scoped, repeatable, and embedded into development and remediation cycles rather than one-off assessments.
Expect deep dives into application logic, auth flows, and API behaviour, alongside regular interaction with engineering teams to validate fixes and improve secure design over time.
Responsibilities
1. Perform manual application penetration testing across web, mobile, and API services
2. Test against OWASP methodologies with a focus on logic flaws and abuse cases
3. Scope applications collaboratively to ensure meaningful coverage
4. Identify, validate, and prioritise vulnerabilities using CVSS and contextual risk
5. Produce clear, evidence-backed reports with practical remediation guidance
6. Retest fixes and confirm risk reduction post-remediation
7. Research emerging attack techniques and incorporate them into testing approaches
8. Contribute to improving internal testing standards and playbooks
Experience & Skills
1. 3+ years hands-on application penetration testing experience
2. Strong understanding of OWASP WSTG and common application attack paths
3. Confident using tools such as Burp Suite Pro and related testing utilities
4. Experience testing REST APIs; SOAP a plus
5. Comfortable explaining technical findings to developers and security stakeholders
6. Strong report writing and documentation skills
7. Ability to manage multiple testing engagements without quality drop-off
Nice to Have
1. Mobile application testing (iOS / Android)
2. Offensive security certifications (OSCP, BSCP, CPTS, similar)
3. Exposure to AI-enabled applications or model-backed APIs
4. Some network or infrastructure testing experience
5. Development background or scripting familiarity
Reperio Human Capital acts as an Employment Agency and an Employment Business.