Senior Security Engineer - Penetration Testing (m/w/d)

About the Role

We are seeking individuals with practical experience in Penetration Testing, Red Teaming, or comparable roles. You should possess in-depth knowledge of Application Security, common web application attack techniques, and Windows/AD security analysis. Proficiency with relevant tools such as Burp Suite, Nessus, nmap, Metasploit, and Kali Linux is expected. An interest or initial experience in using AI in Cyber Security/Pentesting is a plus, as is a fundamental understanding of ISMS (ISO 27001) and regulatory requirements (e.g., NIS2), or the willingness to quickly learn these topics.

Responsibilities

• Independent planning and execution of penetration tests focusing on web applications, Windows/Active Directory environments, and network infrastructures.
• Use and continuous development of modern offensive security tools and frameworks (e.g., Burp Suite, Nessus, nmap, Metasploit, Kali Linux toolchain).
• Integration and use of AI-supported approaches to increase efficiency and deepen vulnerability analyses.
• Creation of target-group-oriented reports for technical and management levels, including clear, actionable recommendations.
• Technical consulting of stakeholders in the area of Application Security (OWASP, Secure Coding Practices, etc.).
• Conception and execution of workshops and awareness measures in the security environment.
• Active participation in the further development of offensive security services and methods.

Qualifications

• Practical experience in Penetration Testing, Red Teaming, or comparable roles.
• In-depth knowledge of Application Security, common attack techniques on web applications, and Windows/AD security analyses.
• Confident handling of relevant tools such as Burp Suite, Nessus, nmap, Metasploit, and Kali Linux.
• Interest or initial experience in the use of AI in Cyber Security / Pentesting.
• Basic understanding of ISMS (ISO 27001) and regulatory requirements (e.g., NIS2) or the willingness to quickly familiarize yourself with these topics.
• Very good German and fluent English skills.
• Structured, analytical approach and strong communication skills.
• Certifications such as OSCP, OSWE, eWPT, CRTP, or comparable qualifications are advantageous.

What We Offer

• An exciting, technologically demanding environment with high personal responsibility and scope for initiative.
• Individual career and development opportunities, supported by targeted training and certifications.
• Flexible working models (including home office) and a modern work environment.
• Attractive additional benefits such as meal subsidies, mobility support, and health offerings.
• Subsidy for the climate ticket.
• Company culture characterized by openness, collaboration, and diversity.

About Hays

The IT division is our core competence, on which Hays has developed. We are the largest privately organized IT personnel service provider in Germany and have the right offer for every career stage – whether you are interested in vacancies in agile SMEs or large DAX corporations. We master the entire IT spectrum from support to software architecture or digitalization – thanks to our extensive portfolio, there is something for everyone. In recent decades, as part of a life-long partnership, we have supported countless IT professionals and managers in setting the course for a successful career. Our consulting team is specialized and thus able to respond to your wishes and ideas and to prepare you optimally for job interviews and contract negotiations. Try it out and find out what the market has to offer – completely free of charge, discreet, and non-binding! We look forward to hearing from you.