Perform Web/API application penetration testing and vulnerability assessments.
Effectively communicate and coordinate with engineers, leads and stakeholders to deliver quality and security to the product.
Document vulnerabilities and recommend remediations in clear, detailed reports with exceptional attention to detail.
Support product owners in remediating vulnerabilities.
Triage results from SAST and DAST tools and validate real security issues.
Help shape and improve team workflows, tools, and methodologies.
Participate in knowledge sharing, secure coding training for developers, and internal team growth.
Actively enhance professional expertise and skills.
What we expect from you
- 1+ year of professional hands-on experience in web application security, penetration testing, or ethical hacking.
- Strong knowledge of web security fundamentals.
- Comprehensive understanding of the software development lifecycle (SDLC).
- Solid knowledge of testing methodologies (OWASP WSTG or similar application security methodologies).
- Familiarity with OWASP Top 10 and common web vulnerabilities (e.g., XSS, SQLi, SSRF).
- Solid knowledge of the various vulnerability types, their root cause, exploitation techniques and mitigation patterns.
- Proficient in using application security testing software and common penetration testing tools such as Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.
- Knowledge of how modern web technologies and network protocols work.
- Basic scripting skills (e.g., Python, Bash, PowerShell).
- Strong English communication and reporting skills – both written and verbal.
- Curiosity, initiative, and a growth mindset.
Prior experience in bug bounty programs or CTF competitions.
Programming/development experience (any language: JavaScript, Python, etc.).
Exposure to CI/CD pipelines and DevSecOps practices.
Understanding and hands-on experience in cloud security (AWS/Azure/GCP).
Awareness of privacy and compliance frameworks (e.g., GDPR, HIPAA, ISO 27001).
Relevant certifications such as OSCP, CEH, CompTIA PenTest+, etc.
NIX is a global supplier of software engineering and IT outsourcing services
NIX teams collaborate with partners from different countries. Our specialists have experience in developing innovative projects, from ecommerce to cloud, for some of the largest companies in the world, including Fortune 500 companies. The teams are focused on stable development of the international IT market, business, and their own professional skills.










What we offer
- Competitive compensation packages.
- Stable employment, based on a full-time employment contract.
- Private health insurance (Medicare Clinic).
- AYCM sport pass, providing discounts at various sports facilities in Hungary.
- Interesting tasks and diverse opportunities for developing your skills.
- Free training courses, including English.
- Participation in internal and external thematic events, technical conferences.
- A spacious office in the heart of Budapest (13th district).
- All necessary devices and tools for your work.
- Friendly, motivating atmosphere.
- Active corporate life.
Become a part of the NIX team
