Security Consultant – Penetration Tester & IT Analyst

Our client, a leading European technology and consulting company with more than 20 years of expertise and presence across multiple international locations, is looking to expand its cybersecurity team with an experienced Security Consultant – Penetration Tester & IT.
Analyst.

This is a hybrid role combining penetration testing, application/security analysis, and IT support/analysis, working on complex, enterprise-level environments within a global and highly regulated context.

Key Responsibilities:

• Perform penetration testing and vulnerability assessments on:
  o Web applications
  o Mobile applications (iOS, Android)
  o Operating systems and network environments
• Identify, exploit, and document security vulnerabilities and provide actionable
  recommendations
• Conduct:
  o Source code reviews
  o Application and system analysis
  o Security scans and diagnostics
• Analyze operational and security data to generate insights and support decision-making
• Work with monitoring tools and logs to identify risks, anomalies, and performance issues
• Collaborate with development, QA, and infrastructure teams to:
  o Resolve security issues
  o Improve system design and resilience
• Support internal stakeholders and clients via:
  o Help desk activities
  o Issue tracking and resolution
  o Technical troubleshooting
• Participate in:
  o User Acceptance Testing (UAT)
  o System improvements and optimization initiatives
• Stay up to date with: Security tools and practices / Emerging threats and vulnerabilities

Key Requirements:

Experience in penetration testing / ethical hacking/security analysis
Strong understanding of:

• Networking (TCP/IP, OSI model, Layer 2/3)
• Operating Systems (Windows, MacOS)
• Web technologies and applications

Hands-on experience with:

• Security tools and vulnerability scanners
• Network packet analysis
• System troubleshooting

Experience with:

• Cloud and/or application security
• Working in enterprise environments

Familiarity with:

• Active Directory, O365, Microsoft ecosystem
• Web platforms (e.g., SharePoint)
• Strong analytical and problem-solving skills
• Ability to communicate findings clearly to both technical and non-technical stakeholders
• Fluent English

Nice to Have:

• Certifications (e.g., CEH, OSCP, Security+, Cisco, ITIL)
• Experience with enterprise software implementations
• Experience with SDLC processes

What’s in It for You:

• Work in an international cybersecurity environment
• Collaboration with global teams
• Structured interview process (internal + client-side)
• Opportunity to work on high-impact, security-critical projects
• Hybrid working model: 4 days per week on-site in Sofia.