Senior Web Application Penetration Tester - Remote Opportunity

About the Role

We are seeking a Senior Web Application Penetration Tester to join our dynamic team at PwC Luxembourg. This remote role offers you the chance to engage in hands-on penetration testing, focusing on web applications and APIs. If you have a passion for cybersecurity and a desire to help clients secure their systems, this is the perfect opportunity for you!

What You'll Do

• Conduct penetration testing projects with a strong emphasis on web applications, APIs, and internet-facing assets.
• Identify, validate, and document vulnerabilities affecting modern applications, including access control flaws, authentication weaknesses, and injection issues.
• For senior profiles, define testing strategies and guide the execution of engagements to ensure high-quality technical delivery.
• Produce clear, concise, and technically accurate penetration test reports for both technical and executive audiences.
• Present findings and recommendations to clients, supporting debriefing sessions with technical teams and management.
• Contribute to the preparation of proposals for penetration tests and technical projects, including effort estimation and scoping.
• Help improve our labs, tooling, knowledge base, and internal methodologies for web and API security testing.
• Engage in continuous learning through mentoring, technical exchanges, and shared research.

Requirements

• Strong academic background in Computer Science, Network Engineering, Cybersecurity, or a related field.
• Hands-on familiarity with web testing tools and techniques, such as Burp Suite or equivalent.
• Experience with common web application security standards, testing methodologies, and guidance, such as the OWASP Top 10.
• Solid understanding of web technologies, authentication mechanisms, and modern application architectures.
• Ability to communicate clearly and professionally in English, both verbally and in writing.
• For senior profiles, experience leading client engagements and mentoring junior colleagues.

Nice to Have

• Prior experience in offensive security or cybersecurity consulting.
• Recognized certifications such as OSWE, OSCP, or equivalent.
• Experience sharing knowledge with the community through talks, blogs, or research.
• Interest in offensive R&D and staying updated on web exploitation techniques.

What We Offer

• Competitive salary range of $90,000 to $120,000 per year.
• Comprehensive relocation support for those moving to Luxembourg.
• Visa sponsorship available for qualified candidates.
• A collaborative and inclusive work environment that values diversity.
• Opportunities for professional development and continuous learning.
• Engagement in leading cybersecurity events and conferences.
• Access to a global network of cybersecurity experts.
• Flexible work arrangements to support work-life balance.