Senior Analyst - Penetration Tester

Sysco

Poland
Hybrid (2 days in the office)
Web application and api testing
Cloud security testing (azure, aws, gcp)
Active directory and azure ad assessment
Sysco is seeking a Senior Analyst - Penetration Tester to lead security testing for web applications, APIs, and cloud environments. The role requires a strong background in penetration testing and collaboration with various security teams, while offering a hybrid work schedule with flexibility

Job Summary

  • Lead testing across web applications, APIs, cloud services (Azure, AWS, GCP) and internal environments.
  • Use Veracode SAST/DAST and Burp Suite for issue identification, followed by deep manual testing.
  • Participate in planned evening and weekend testing windows, with weekdays off in exchange to maintain a ~40-hour work week.

Matching Summary

Match Score: 85

Sysco is seeking a Senior Analyst - Penetration Tester to lead security testing for web applications, APIs, and cloud environments. The role requires a strong background in penetration testing and collaboration with various security teams, while offering a hybrid work schedule with flexibility.

Skills & Requirements

Must-have

  • web application and API testing
  • cloud security testing (Azure, AWS, GCP)
  • Active Directory and Azure AD assessment
  • AI/ML/LLM security testing
  • manual vulnerability retesting
  • simulating attacks for detection validation

Nice-to-have

  • mobile app testing experience
  • building custom security scripts
  • sharing research and tooling

Key Requirements

  • 5+ years of penetration testing experience
  • Experience with Veracode or similar SAST/DAST
  • Experience with Burp Suite
  • Experience testing Azure, AWS, and GCP
  • Experience with BloodHound or comparable tooling
  • Experience testing AI/ML/LLM systems
  • Comfortable with planned off-hours work

Work Rights

Not specified

Tailored Resume

Cover Letter